TY - GEN
T1 - Cloudlet solution for digital forensic investigation of multiple cases of multiple devices
AU - Mthunzi, Siyakha N.
AU - Benkhelifa, Elhadj
AU - Jararweh, Yaser
AU - Al-Ayyoub, Mahmoud
N1 - Publisher Copyright:
© 2017 IEEE.
PY - 2017/6/12
Y1 - 2017/6/12
N2 - Multiple device ownership exponentially increases the volume and variety of data, with detrimental implications to digital forensic investigations. Several authors have proposed data reduction approaches in attempts to enhance the data acquisition and processing phases of the investigation process. Other works have aimed to take advantage of cloud computing's seemingly unlimited resources to leverage investigations. However, such approaches inadvertently affect the credibility of forensic evidence and its admissibility in a court of law, and degrade the efficiency of forensic processes. In this paper, we propose a novel approach which leverages current processes by focusing on augmenting computational and latency capabilities. To achieve this, we motivate a cloudlet-based digital forensic (DF) approach to complement existing cloud computing systems. Based on their proximity to end-devices and remote DF investigation teams, our proposed solution effectively tackles low latency challenges present with the cloud alternative. In addition, configuring the cloudlet solution as the sole custodian of data counters ensures that investigators remain in control of their data, and hence can maintain a comprehensive evidence trail. Finally, we have also proposed a cloudlet-based DF resource optimization approach to facilitate upward and downward scaling of resources to cope with a variety of data sizes, multiple devices, and concurrent multiple cases.
AB - Multiple device ownership exponentially increases the volume and variety of data, with detrimental implications to digital forensic investigations. Several authors have proposed data reduction approaches in attempts to enhance the data acquisition and processing phases of the investigation process. Other works have aimed to take advantage of cloud computing's seemingly unlimited resources to leverage investigations. However, such approaches inadvertently affect the credibility of forensic evidence and its admissibility in a court of law, and degrade the efficiency of forensic processes. In this paper, we propose a novel approach which leverages current processes by focusing on augmenting computational and latency capabilities. To achieve this, we motivate a cloudlet-based digital forensic (DF) approach to complement existing cloud computing systems. Based on their proximity to end-devices and remote DF investigation teams, our proposed solution effectively tackles low latency challenges present with the cloud alternative. In addition, configuring the cloudlet solution as the sole custodian of data counters ensures that investigators remain in control of their data, and hence can maintain a comprehensive evidence trail. Finally, we have also proposed a cloudlet-based DF resource optimization approach to facilitate upward and downward scaling of resources to cope with a variety of data sizes, multiple devices, and concurrent multiple cases.
KW - Cloudlet
KW - Digital forensics
KW - Multiple device
KW - Resource optimization
UR - https://www.scopus.com/pages/publications/85028527425
U2 - 10.1109/FMEC.2017.7946437
DO - 10.1109/FMEC.2017.7946437
M3 - Conference contribution
AN - SCOPUS:85028527425
T3 - 2017 2nd International Conference on Fog and Mobile Edge Computing, FMEC 2017
SP - 235
EP - 240
BT - 2017 2nd International Conference on Fog and Mobile Edge Computing, FMEC 2017
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2nd International Conference on Fog and Mobile Edge Computing, FMEC 2017
Y2 - 8 May 2017 through 11 May 2017
ER -