Limits...
A comprehensive review on adaptability of network forensics frameworks for mobile cloud computing.

Khan S, Shiraz M, Wahab AW, Gani A, Han Q, Rahman ZB - ScientificWorldJournal (2014)

Bottom Line: Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters.A classification is proposed to help understand the anatomy of existing NFFs.The paper concludes by discussing research challenges for progressive network forensics in MCC.

View Article: PubMed Central - PubMed

Affiliation: Centre for Mobile Cloud Computing Research (C4MCCR), Faculty of Computer Science and Information Technology, University of Malaya, 50603 Lembah Pantai, Kuala Lumpur, Malaysia ; University of Malaya, 50603 Lembah Pantai, Kuala Lumpur, Malaysia.

ABSTRACT
Network forensics enables investigation and identification of network attacks through the retrieved digital content. The proliferation of smartphones and the cost-effective universal data access through cloud has made Mobile Cloud Computing (MCC) a congenital target for network attacks. However, confines in carrying out forensics in MCC is interrelated with the autonomous cloud hosting companies and their policies for restricted access to the digital content in the back-end cloud platforms. It implies that existing Network Forensic Frameworks (NFFs) have limited impact in the MCC paradigm. To this end, we qualitatively analyze the adaptability of existing NFFs when applied to the MCC. Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters. A classification is proposed to help understand the anatomy of existing NFFs. Subsequently, a comparison is given that explores the functional similarities and deviations among NFFs. The paper concludes by discussing research challenges for progressive network forensics in MCC.

Show MeSH

Related in: MedlinePlus

Digital forensics process model.
© Copyright Policy - open-access
Related In: Results  -  Collection


getmorefigures.php?uid=PMC4109117&req=5

fig2: Digital forensics process model.

Mentions: A digital forensics process model requires four steps to conduct the investigation; these steps are acquisition, identification, evaluation, and admission. These steps are integrated to obtain digital evidence from digital artifacts, which are then presented in court [46]. Alternatively, these steps were modified into five steps, namely, preservation, collection, examination, analysis, and presentation, in [40]. The first harmonized digital forensic investigation model was developed by integrating existing iterative and multitier models [47] to perform efficient digital investigation under legal terms and conditions. The National Institute of Standard and Technology explains the digital forensic process in their report by proposing four steps, namely, collection, examination, analysis, and reporting, as shown in Figure 2 [48].


A comprehensive review on adaptability of network forensics frameworks for mobile cloud computing.

Khan S, Shiraz M, Wahab AW, Gani A, Han Q, Rahman ZB - ScientificWorldJournal (2014)

Digital forensics process model.
© Copyright Policy - open-access
Related In: Results  -  Collection

Show All Figures
getmorefigures.php?uid=PMC4109117&req=5

fig2: Digital forensics process model.
Mentions: A digital forensics process model requires four steps to conduct the investigation; these steps are acquisition, identification, evaluation, and admission. These steps are integrated to obtain digital evidence from digital artifacts, which are then presented in court [46]. Alternatively, these steps were modified into five steps, namely, preservation, collection, examination, analysis, and presentation, in [40]. The first harmonized digital forensic investigation model was developed by integrating existing iterative and multitier models [47] to perform efficient digital investigation under legal terms and conditions. The National Institute of Standard and Technology explains the digital forensic process in their report by proposing four steps, namely, collection, examination, analysis, and reporting, as shown in Figure 2 [48].

Bottom Line: Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters.A classification is proposed to help understand the anatomy of existing NFFs.The paper concludes by discussing research challenges for progressive network forensics in MCC.

View Article: PubMed Central - PubMed

Affiliation: Centre for Mobile Cloud Computing Research (C4MCCR), Faculty of Computer Science and Information Technology, University of Malaya, 50603 Lembah Pantai, Kuala Lumpur, Malaysia ; University of Malaya, 50603 Lembah Pantai, Kuala Lumpur, Malaysia.

ABSTRACT
Network forensics enables investigation and identification of network attacks through the retrieved digital content. The proliferation of smartphones and the cost-effective universal data access through cloud has made Mobile Cloud Computing (MCC) a congenital target for network attacks. However, confines in carrying out forensics in MCC is interrelated with the autonomous cloud hosting companies and their policies for restricted access to the digital content in the back-end cloud platforms. It implies that existing Network Forensic Frameworks (NFFs) have limited impact in the MCC paradigm. To this end, we qualitatively analyze the adaptability of existing NFFs when applied to the MCC. Explicitly, the fundamental mechanisms of NFFs are highlighted and then analyzed using the most relevant parameters. A classification is proposed to help understand the anatomy of existing NFFs. Subsequently, a comparison is given that explores the functional similarities and deviations among NFFs. The paper concludes by discussing research challenges for progressive network forensics in MCC.

Show MeSH
Related in: MedlinePlus