http://orcid.org/0000-0003-4071-4596
![Sample our Environment & Agriculture journals, sign in here to start your access, latest two full volumes FREE to you for 14 days]({"type":"image" , "src" : "/sda/5934/TOC-Subject-Sample-2021-Environment-Agriculture.jpg"})
Abstract
This paper examines the design and implementation of a feasible technique for performing Digital Forensic Readiness (DFR) in cloud computing environments. The approach employs a modified obfuscated Non-Malicious Botnet (NMB) whose functionality operates as a distributed forensic Agent-Based Solution (ABS) in a cloud environment with capabilities of performing forensic logging for DFR purposes. Under basic Service Level Agreements (SLAs), this proactive technique allows any organization to perform DFR in the cloud without interfering with operations and functionalities of the existing cloud architecture or infrastructure and the collected file metadata. Based on the evaluation discussed, the effectiveness of our approach is presented as the easiest way of conducting DFR in the cloud environment as stipulated in the ISO/IEC 27043: 2015 international standard, which is a standard of information technology, security techniques and incident investigation principles and processes. Through this technique, digital forensic analysts are able to maximize the potential use of digital evidence while minimizing the cost of conducting DFR. As a result of this process, the time and cost needed to conduct a Digital Forensic Investigation (DFI) is saved. As a consequence, the technique helps the law enforcement, forensic analysts and Digital Forensic Investigators (DFIs) during post-event response and in a court of law to develop a hypothesis in order to prove or disprove a fact during an investigative process, if there is an occurrence of a security incident. Experimental results of the developed prototype are described which conclude that the technique is effective in improving the planning and preparation of pre-incident detection during digital crime investigations. In spite of that, a comparison with other existing forensic readiness models has been conducted to show the effectiveness of the previously proposed Cloud Forensic Readiness as a Service (CFRaaS) model.
Acknowledgement
First, many thanks go to the editor for the important feedback. Second, the constructive feedback given by the anonymous reviewers is highly acknowledged. We gratefully acknowledge the support of Department of Computer Science, and the Information and Computer Security Architectures (ICSA) Research Group, University of Pretoria, South Africa. It is worth noting that any opinions, findings, and conclusions or recommendations expressed in this publication are those of the authors and do not necessarily reflect the views of the NRF or any organization that the authors are associated with.