Abstract
Cloud forensics is an intelligent evolution of digital forensics that defends against cyber-crimes. However, centralized evidence collection and preservation minimizes the reliability of digital evidence. To resolve this severe problem, this paper proposes a novel digital forensic architecture using fast-growing Software-Defined Networking (SDN) and Blockchain technology for Infrastructure-as-a-Service (IaaS) cloud. In this proposed forensic architecture, the evidence is collected and preserved in the blockchain that is distributed among multiple peers. To protect the system from unauthorized users, Secure Ring Verification based Authentication (SRVA) scheme is proposed. To strengthen the cloud environment, secret keys are generated optimally by using Harmony Search Optimization (HSO) algorithm. All data are encrypted based on the sensitivity level and stored in the cloud server. For encryption, Sensitivity Aware Deep Elliptic Curve Cryptography (SA-DECC) algorithm is presented. For every data stored in the cloud, a block is created in the SDN controller and the history of data is recorded as metadata. In each block, the Merkle hash tree is built by using Secure Hashing Algorithm-3 (SHA-3). Our system allows users to trace their data by deploying Fuzzy based Smart Contracts (FCS). Finally, evidence analysis is enabled by constructing Logical Graph of Evidence (LGoE) collected from the blockchain. Experiments are conducted in an integrated environment of java (for cloud and blockchain) and network simulator-3.26 (for SDN). The extensive analysis shows that proposed forensic architecture shows promising results in Response time, Evidence insertion time, Evidence verification time, Communication overhead, Hash computation time, Key generation time, Encryption time, Decryption time and total change rate.
Highlights
In this high-tech era, an increase in demands of cloud infrastructure among industries, governments, and individuals results in a lack of security
For each data stored in the cloud server, a block is created by the Software-defined Networking (SDN) controller and distributed over the blockchain network
In this paper, a novel digital forensic architecture is proposed with SDN and blockchain technology to collect and preserve reliable evidence from the IaaS cloud environment
Summary
In this high-tech era, an increase in demands of cloud infrastructure among industries, governments, and individuals results in a lack of security. Ekbatanifard: Digital Forensics Architecture for Evidence Collection and Provenance Preservation. We use blockchain technology for digital forensics in the cloud environment. Perhaps blockchain-based cloud forensic architecture is secure; there is strong authentication is required for evidence provenance [24]. The smart contracts are an autonomous entity that automatically executes under some conditions Data provenance is another challenging issue in the cloud environment [29]. The primary motivation of this research is to design digital forensics architecture with the use of SDN and blockchain technology in the cloud environment. We intend to adopt a strong authentication scheme, digital signature algorithm, and smart contracts for evidence collection and provenance. Digital forensic architecture is designed for evidence collection,analysis, and provenance in the Infrastructureas-a-Service (IaaS) cloud environment. Evidence collection is supported by the SDN controller and analyzed by the investigator with the support of the Logical Graph of Evidence (LGoE) analysis method. Proposed research work preserves the chain of custody (CoC), proof of ownership (PoO) and evidence integrity to improve the reliability of evidence collection
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
