Cloud Storage Forensics

Book description

To reduce the risk of digital forensic evidence being called into question in judicial proceedings, it is important to have a rigorous methodology and set of procedures for conducting digital forensic investigations and examinations. Digital forensic investigation in the cloud computing environment, however, is in infancy due to the comparatively recent prevalence of cloud computing.

Cloud Storage Forensics presents the first evidence-based cloud forensic framework. Using three popular cloud storage services and one private cloud storage service as case studies, the authors show you how their framework can be used to undertake research into the data remnants on both cloud storage servers and client devices when a user undertakes a variety of methods to store, upload, and access data in the cloud. By determining the data remnants on client devices, you gain a better understanding of the types of terrestrial artifacts that are likely to remain at the Identification stage of an investigation. Once it is determined that a cloud storage service account has potential evidence of relevance to an investigation, you can communicate this to legal liaison points within service providers to enable them to respond and secure evidence in a timely manner.

  • Learn to use the methodology and tools from the first evidenced-based cloud forensic framework
  • Case studies provide detailed tools for analysis of cloud storage devices using popular cloud storage services
  • Includes coverage of the legal implications of cloud storage forensic investigations
  • Discussion of the future evolution of cloud storage and its impact on digital forensics

Table of contents

  1. Cover image
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Dedication
  6. Acknowledgments
  7. About the Authors
  8. Forewords
  9. Chapter 1. Introduction
    1. Information in this chapter
    2. Introduction
    3. Structure of book and contributions to knowledge
    4. References
  10. Chapter 2. Cloud Storage Forensic Framework
    1. Information in this chapter
    2. Introduction
    3. Cloud (storage) forensic framework
    4. Framework summary
    5. References
  11. Chapter 3. Microsoft SkyDrive Cloud Storage Forensic Analysis
    1. Information in this chapter
    2. Introduction
    3. SkyDrive forensics: Windows 7 PC
    4. SkyDrive forensics: Apple iPhone 3G
    5. Case study
    6. Conclusion
    7. References
  12. Chapter 4. Dropbox Analysis: Data Remnants on User Machines
    1. Information in this chapter
    2. Introduction
    3. Dropbox forensics: Windows 7 PC
    4. Dropbox forensics: Apple iPhone 3G
    5. Case study
    6. Conclusion
    7. References
  13. Chapter 5. Google Drive: Forensic Analysis of Cloud Storage Data Remnants
    1. Information in this chapter
    2. Introduction
    3. Google drive forensics: Windows 7 PC
    4. Google drive forensics: Apple iPhone 3G
    5. Google drive case study
    6. Conclusion
    7. Summary of Microsoft SkyDrive, Dropbox, and Google Drive findings
    8. References
    9. Appendix A
  14. Chapter 6. Open Source Cloud Storage Forensics: ownCloud as a Case Study
    1. Information in this chapter
    2. Introduction
    3. Experiment setup
    4. Findings
    5. Conclusion
    6. References
  15. Chapter 7. Forensic Collection of Cloud Storage Data: Does the Act of Collection Result in Changes to the Data or its Metadata?
    1. Information in this chapter
    2. Introduction
    3. Cloud storage providers
    4. Data collection via Internet access to a user account
    5. Research findings: discussion
    6. Conclusion
    7. References
  16. Chapter 8. Conclusion and Future Work
    1. Information in this chapter
    2. Research summary
    3. Future work
  17. Glossary
  18. Index

Product information

  • Title: Cloud Storage Forensics
  • Author(s): Darren Quick, Ben Martini, Raymond Choo
  • Release date: November 2013
  • Publisher(s): Syngress
  • ISBN: 9780124199910