Abstract

Cloud computing services can be accessed via browsers or client applications on networked devices such as desktop computers, laptops, tablets and smartphones, which are generally referred to as endpoint devices. Data relevant to forensic investigations may be stored on endpoint devices and/or at cloud service providers. When cloud services are accessed from an endpoint device, several files and folders are created on the device; the data can be accessed by a digital forensic investigator using various tools. An investigator may also use an application programming interface made available by a cloud service provider to obtain forensic information from the cloud related to objects, events and file metadata associated with a cloud user. This chapter presents a taxonomy of the forensic tools used to extract data from endpoint devices and from cloud service providers. The tool taxonomy provides investigators with an easily searchable catalog of tools that can meet their technical requirements during cloud forensic investigations.

Highlights

  • In 1999, the U.S. National Institute of Standards and Technology (NIST) [33] initiated the Computer Forensic Tool Testing (CFTT) Program to develop specifications and test methods for digital forensic tools

  • To enhance the use of the catalog by the digital forensics community, a taxonomy of cloud forensic tools is required that describes the tool attributes desired by users

  • The taxonomy should provide a searchable catalog of forensic tools, enabling


Summary

A Taxonomy of Cloud Endpoint Forensic Tools

To cite this version: Anand Mishra, Emmanuel Pilli, Mahesh Govil. A Taxonomy of Cloud Endpoint Forensic Tools. 14th IFIP International Conference on Digital Forensics (DigitalForensics), Jan 2018, New Delhi, India.

HAL is a multi-disciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers.

Introduction
Cloud Forensics
Taxonomy of Cloud Endpoint Forensic Tools
Evidence in Endpoint Devices
Evidence Recoverable via Cloud APIs
Cloud Endpoint Forensic Approaches
Cloud Endpoint Device Forensic Tools
OneDrive Forensics Case Study
Conclusions
