Please use this identifier to cite or link to this item:
http://hdl.handle.net/10603/427848
Title: | Potential Evidence Detection for Efficient Cloud Forensics using Quantification and Triage |
Researcher: | Prasad Purnaye |
Guide(s): | Vrushali Kulkarni |
Keywords: | Artificial Intelligence; Cloud Forensics; Engineering and Technology |
University: | Dr. Vishwanath Karad MIT World Peace University |
Completed Date: | 2022 |
Abstract: | Cloud forensics is the process of investigating cybercrimes in which cloud services are the target, the source, or the environment. The investigation needs digital evidence that can prove in court that the event happened. Not all of the data generated in the cloud can be used as evidence. However, data generated during the attack can carry traces of the event and can therefore be used as evidence during a forensic investigation. The traditional approach to detecting and acquiring evidence data involves manual effort. The different facets of cloud computing affect cloud forensics and make it a challenging process. Evidence acquisition is done at the Virtual Machine (VM) level using an agent-based collection mechanism. The collected evidence data needs to be stored with a chain of custody for the evidence to be admissible in a court of law. There is a need for guidelines and an effective approach for cloud forensics. The main goal of this research is to provide a cloud forensics system that detects and collects evidence data in a cloud environment at the hypervisor level, thereby reducing manual effort using an AI approach. In this research: (1) hypervisor-level monitoring methods are explored to detect the evidence data generated during an attack; (2) an AI-based agent is proposed, modeled for evidence detection in the cloud environment; (3) a novel feature set is presented that monitors the rate of VM activities at the hypervisor level, and the performance of the proposed system is tested with this feature set. The proposed method of evidence detection and acquisition is integrated with an evidence provenance system that stores the detected evidence in a blockchain. This ensures the chain of custody of the evidence data. The evidence acquisition considers the triage of the detected evidence based on the volatile nature of the data. |
Pagination: | |
URI: | http://hdl.handle.net/10603/427848 |
Appears in Departments: | School of Computer Engineering and Technology |
Files in This Item:
File | Description | Size | Format | |
---|---|---|---|---|
01_title.pdf | Attached File | 61.35 kB | Adobe PDF | View/Open |
02_prelim pages.pdf | | 673.78 kB | Adobe PDF | View/Open |
03_content.pdf | | 145.94 kB | Adobe PDF | View/Open |
04_abstract.pdf | | 115.89 kB | Adobe PDF | View/Open |
05_chapter 01.pdf | | 998.17 kB | Adobe PDF | View/Open |
06_chapter 02.pdf | | 793.52 kB | Adobe PDF | View/Open |
07_chapter 03.pdf | | 864.65 kB | Adobe PDF | View/Open |
08_chapter 04.pdf | | 549.41 kB | Adobe PDF | View/Open |
09_chapter 05.pdf | | 2.46 MB | Adobe PDF | View/Open |
10_chapter 06.pdf | | 1.28 MB | Adobe PDF | View/Open |
11_chapter 07.pdf | | 388.28 kB | Adobe PDF | View/Open |
12_annexures.pdf | | 2.75 MB | Adobe PDF | View/Open |
80_recommendation.pdf | | 448.47 kB | Adobe PDF | View/Open |
Items in Shodhganga are licensed under Creative Commons Licence Attribution-NonCommercial 4.0 International (CC BY-NC 4.0).