Back to Search Start Over

Distributed Filesystem Forensics: Ceph as a Case Study

Authors :
Ali Dehghantanha
Krzysztof Nagrabski
Milda Petraityte
Michael Hopkins
Mohammad Hammoudeh
Gregory Epiphaniou
Reza M. Parizi
Source :
Handbook of Big Data and IoT Security ISBN: 9783030105426, Handbook of Big Data and IoT Security
Publication Year :
2019
Publisher :
Springer International Publishing, 2019.

Abstract

Cloud computing is becoming increasingly popular mainly because it offers more affordable technology and software solutions to start-ups and small and medium enterprises (SMEs). Depending on the business requirements there are various Cloud solution providers and services, yet because of this it becomes increasingly difficult for a digital investigator to collect and analyse all the relevant data when there is a need. Due to the complexity and increasing amounts of data, forensic investigation of Cloud is turning into a very complex and laborious endeavour. Ceph is a filesystem that provides a very high availability and data self-healing features, which ensure that data is always accessible without getting damaged or lost. Because of such features, Ceph is becoming a favourite file system for many cloud service providers. Hence, understanding the remnants of malicious users activities is become a priority in Ceph file system. In this paper, we are presenting residual evidences of users’ activities on Ceph file system on Linux Ubuntu 12.4 operating system and discuss the forensics relevance and importance of detected evidences. This research follows a well-known cloud forensics framework in collection, preservation and analysis of CephFS remnants on both client and server sides.

Details

ISBN :
978-3-030-10542-6
ISBNs :
9783030105426
Database :
OpenAIRE
Journal :
Handbook of Big Data and IoT Security ISBN: 9783030105426, Handbook of Big Data and IoT Security
Accession number :
edsair.doi...........65cd2ebb0b3f8654fcf81c0efed1cf7c
Full Text :
https://doi.org/10.1007/978-3-030-10543-3_6