Abstract

Anti-forensics is a set of techniques and measures adopted by an attacker to compromise the digital investigation process in a computational environment. Cloud computing, an environment that provides on-demand resources to users, is susceptible to anti-forensic attacks. An anti-forensic attacker in the cloud can influence the cloud forensic process and tamper with evidence, damaging the investigation. Though some solutions have been proposed against anti-forensic attacks in the cloud, there is a need to secure the evidence both in transit and in storage. In this work, we propose efficient algorithms for secure data (evidence) transmission and early detection of Anti-Forensic Attack (AFA). First, the data packets are compressed using a B-tree Huffman Encoding (BHE) algorithm; next, a packet marking technique is applied to secure the IP address of the sender. To send the data securely, we propose the Modified Elliptic Curve Cryptography (MECC) algorithm, which encrypts the data packets and transmits them to a receiver. At the receiver side, training is done using a Deep Learning Modified Neural Network (DLMNN) classifier, which tests the IP address of each received data packet. Based on the IP address of the sender, DLMNN identifies whether the received packet is an attacked packet or a non-attacked one. After the data packets are identified, the non-attacked packets are decrypted and decompressed to obtain the original information. The original evidence information is then analyzed for investigation purposes. The experimental results of the proposed method are weighed against the prevailing techniques for performance comparison.
