Attacks on cloud-based networks have increased and can cause harm ranging from inaccessible services to the loss of users' trust. Owncloud is one cloud implementation that runs on a network with more than 200 million users. This research aims to find digital evidence of DoS attacks on the Owncloud network. The attacks simulated are SSH brute force, SYN flood, ping of death, and port scanning, and the digital evidence sought is the attacker's IP address, the time of the attack, the type of attack, and the CPU and RAM resource usage. The research uses Wireshark and Snort to analyze the network and follows the Generic Framework for Network Forensic (GFNF) from the simulation process through to presenting the evidence. Each attack was simulated for 1 minute, with 30 trials per attack. The study identified the attacker's IP address, the time of the attack, and the type of attack, and observed increased CPU and RAM usage while an attack was under way. The attacker's IP address, attack time, and attack type were tabulated and presented on an ELK Stack dashboard.
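The evidence fields the abstract names (attacker IP, attack time, attack type) can be pulled from Snort alerts and grouped into a table, as in the following added example, which is not code from the study. It assumes Snort's `alert_fast` output without a year prefix; the sample alerts, SIDs, rule messages and addresses are constructed.

```python
import re
from collections import defaultdict

# Constructed sample lines in Snort's alert_fast layout; the SIDs, rule
# messages and IP addresses are made up for this example.
SAMPLE_ALERTS = """\
03/14-10:15:01.120394  [**] [1:1000001:1] SYN flood detected [**] [Classification: Attempted Denial of Service] [Priority: 2] {TCP} 192.0.2.10:40022 -> 198.51.100.5:80
03/14-10:15:01.120911  [**] [1:1000001:1] SYN flood detected [**] [Classification: Attempted Denial of Service] [Priority: 2] {TCP} 192.0.2.10:40023 -> 198.51.100.5:80
03/14-10:16:30.500100  [**] [1:1000002:1] SSH brute force attempt [**] [Priority: 1] {TCP} 192.0.2.77:51514 -> 198.51.100.5:22
03/14-10:17:02.000001  [**] [1:1000003:1] Ping of death [**] [Classification: Attempted Denial of Service] [Priority: 2] {ICMP} 192.0.2.10 -> 198.51.100.5
not an alert line
"""

# timestamp, [gid:sid:rev], message, optional classification, priority,
# {protocol}, source[:port] -> destination[:port] (ICMP alerts carry no ports).
ALERT_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}-\d{2}:\d{2}:\d{2}\.\d+)\s+\[\*\*\]\s+"
    r"\[\d+:(?P<sid>\d+):\d+\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification: [^\]]*\]\s+)?\[Priority: \d+\]\s+"
    r"\{(?P<proto>\w+)\}\s+(?P<src>[0-9.]+)(?::\d+)?\s+->\s+(?P<dst>[0-9.]+)(?::\d+)?\s*$"
)

def evidence_table(text):
    """Group alerts by (attacker IP, attack type); keep first/last time and count.

    Returns (table, skipped), where skipped counts lines that are not alerts.
    """
    rows = defaultdict(lambda: {"first": None, "last": None, "count": 0})
    skipped = 0
    for line in text.splitlines():
        m = ALERT_RE.match(line)
        if not m:
            skipped += 1  # keep a count so unparsed input is not silently lost
            continue
        row = rows[(m["src"], m["msg"])]
        ts = m["ts"]  # MM/DD-HH:MM:SS.ffffff sorts correctly as text within one year
        row["first"] = ts if row["first"] is None else min(row["first"], ts)
        row["last"] = ts if row["last"] is None else max(row["last"], ts)
        row["count"] += 1
    return dict(rows), skipped

if __name__ == "__main__":
    table, skipped = evidence_table(SAMPLE_ALERTS)
    for (src, attack), r in sorted(table.items()):
        print(f"{src:<15} {attack:<26} {r['first']}  {r['last']}  {r['count']}")
    print(f"unparsed lines: {skipped}")
```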