Verfügbarkeit: Cloud storage forensics | Technische Universität München

Gespeichert in:

Bibliographische Detailangaben
Beteiligte Personen:	Quick, Darren (VerfasserIn), Martini, Ben (VerfasserIn), Choo, Kim-Kwang Raymond (VerfasserIn)
Format:	Buch
Sprache:	Englisch
Veröffentlicht:	Amsterdam [u.a.] Elsevier Syngress 2014
Schriftenreihe:	Syngress
Schlagwörter:	Datenverarbeitung Computer crimes / Investigation Forensic sciences / Data processing Cloud computing Information storage and retrieval systems Computerforensik
Links:	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=027436771&sequence=000003&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=027436771&sequence=000004&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA
Umfang:	XVIII, 189 S. graph. Darst. 24 cm
ISBN:	9780124199705

Internformat

MARC


LEADER	00000nam a2200000 c 4500
001	BV041994606
003	DE-604
005	20140819
007	t\|
008	140725s2014 xx d\|\|\| \|\|\|\| 00\|\|\| eng d
016	7		\|a 016546960 \|2 DE-101
020			\|a 9780124199705 \|c pbk. : £42.99 \|9 978-012-419-970-5
035			\|a (OCoLC)889931974
035			\|a (DE-599)BSZ399486623
040			\|a DE-604 \|b ger
041	0		\|a eng
049			\|a DE-739
082	0		\|a 363.25028546782
084			\|a ST 277 \|0 (DE-625)143643: \|2 rvk
100	1		\|a Quick, Darren \|e Verfasser \|4 aut
245	1	0	\|a Cloud storage forensics \|c Darren Quick ; Ben Martini ; Kim-Kwang Raymond Choo
264		1	\|a Amsterdam [u.a.] \|b Elsevier Syngress \|c 2014
300			\|a XVIII, 189 S. \|b graph. Darst. \|c 24 cm
336			\|b txt \|2 rdacontent
337			\|b n \|2 rdamedia
338			\|b nc \|2 rdacarrier
490	0		\|a Syngress
650		4	\|a Datenverarbeitung
650		4	\|a Computer crimes / Investigation
650		4	\|a Forensic sciences / Data processing
650		4	\|a Cloud computing
650		4	\|a Information storage and retrieval systems
650	0	7	\|a Computerforensik \|0 (DE-588)4774034-6 \|2 gnd \|9 rswk-swf
689	0	0	\|a Computerforensik \|0 (DE-588)4774034-6 \|D s
689	0		\|5 DE-604
700	1		\|a Martini, Ben \|e Verfasser \|4 aut
700	1		\|a Choo, Kim-Kwang Raymond \|e Verfasser \|0 (DE-588)137128738 \|4 aut
856	4	2	\|m Digitalisierung UB Passau - ADAM Catalogue Enrichment \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=027436771&sequence=000003&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA \|3 Inhaltsverzeichnis
856	4	2	\|m Digitalisierung UB Passau - ADAM Catalogue Enrichment \|q application/pdf \|u http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=027436771&sequence=000004&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA \|3 Klappentext
943	1		\|a oai:aleph.bib-bvb.de:BVB01-027436771

Datensatz im Suchindex

_version_	1819329383067811840
adam_text	To reduce the risk of digitai forensic evidence being called into question in judicial proceedings, it is important to have a rigorous methodology and set of procedures for conducting digital forensic investigations and examinations. Digital forensic investigation in the cloud computing environment, however, is in infancy due to the comparatively recent prevalence of cloud computing. Cloud Storage Forensics presents the first evidence-based cloud forensic framework. Using three popular cloud storage services and one private cloud storage service as case studies, the authors - Darren Quick, Ben Martini, and Kim- Kwang Raymond Choo — demonstrated how their framework can be used to undertake research into the data remnants on both cloud storage servers and client devices when a user undertakes a variety of methods to store, upload, and access data in the cloud. By determining the data remnants on client devices, you gain a better understanding of the types of terrestrial artifacts that are likely to remain on the device. Once it is determined that a cloud storage service account has potential evidence of relevance to an investigation, you can communicate this to legal liaison points within service providers to enable them to respond and secure evidence in a timely manner. You may also use the guidance provided from the ownCioud case study to collect evidence directly from cloud servers where appropriate. In jurisdictions that have legal provisions to collect data accessible from a computer or device, the process may involve accessing an account to collect the data. • The first evidence-based cloud storage forensic framework to guide practitioners and researchers in a digital forensic investigation involving cloud storage services. • Case studies using popular public cloud storage services, which identify the types of terrestrial artefacts that are likely to remain on a client s machine, and the likely access point(s) for digits! forensic practitioners and researchers. ч Case study using an open source cloud storage as a service (StaaS) application, which provides an in-depth understanding of the artifacts available to digital forensics practitioners and researchers when conducting analysis on cloud StaaS environments on both clients and server. A process that digital forensics practitioners and researchers can use to collect data from cloud storage services when legal authority exists to access an account Contents Acknowledgments ................................................................................................. хш About the Authors ...................................................................................................xv Forewords ............................................................................................................. xvii CHAPTER 1 Introduction ...........................................................1 Introduction ....................................................................................1 Cybercrime and the cloud .............................................................3 Challenges faced by law enforcement and government agencies .....................................................................................5 Summary ........................................................................................7 Structure of book and contributions to knowledge .......................8 References ......................................................................................9 CHAPTER 2 Cloud Storage Forensic Framework ........................13 Introduction ..................................................................................13 Cloud (storage) forensic framework ...........................................13 Commence (Scope) .................................................................15 Preparation ..............................................................................15 Evidence source identification and preservation ...................16 Collection ................................................................................17 Examination and analysis .......................................................18 Presentation .............................................................................19 Complete .................................................................................19 Framework summary ...................................................................20 References ............... χ ....................................................................20 CHAPTER 3 Microsoft SkyDrive Cloud Storage Forensic Analysis ...............................................................23 Introduction ..................................................................................23 SkyDrive forensics: Windows 7 PC ............................................24 Commence (Scope) .................................................................24 Preparation ..............................................................................25 Evidence source identification and preservation ...................26 Collection ................................................................................26 Examination and analysis .......................................................27 Presentation .............................................................................47 Complete .................................................................................48 SkyDrive forensics: Apple iPhone 3G ........................................51 Commence (Scope) .................................................................52 Preparation ..............................................................................52 Evidence source identification and preservation ...................52 Collection ................................................................................52 Examination and analysis .......................................................53 Presentation .............................................................................53 Complete .................................................................................55 Case study ....................................................................................55 Step 1— Commence (Scope) ..................................................55 Step 2— Preparation ................................................................56 Step 3— Evidence source identification and preservation .....56 Step 4— Collection .................................................................56 Step 5— Examination and analysis .........................................56 Step 6— Presentation ..............................................................57 Step 7— Complete ...................................................................59 Conclusion ...................................................................................59 References ....................................................................................60 CHAPTER 4 Dropbox Analysis: Data Remnants on User Machines .................................................63 Introduction ..................................................................................63 Dropbox forensics: Windows 7 PC .............................................64 Commence (Scope) .................................................................65 Preparation ..............................................................................65 Evidence source identification and preservation ...................69 Collection ................................................................................69 Examination and analysis .......................................................70 Presentation .............................................................................79 Complete .................................................................................83 Dropbox forensics: Apple iPhone 3G .........................................84 Commence (Scope) .................................................................84 Preparation ..............................................................................84 Evidence source identification and preservation ...................84 Collection ................................................................................84 Examination and analysis .......................................................85 Presentation .............................................................................86 Complete .................................................................................88 Casestudy ....................................................................................88 Step 1— Commence (Scope) ..................................................88 Step 2— Preparation ................................................................88 Step 3— Evidence source identification and preservation .....89 Step 4— Collection .................................................................89 Step 5— Examination and analysis .........................................89 Step 6— Presentation ..............................................................90 Step 7— Complete ...................................................................90 Conclusion ...................................................................................90 References ....................................................................................92 CHAPTER 5 Google Drive: Forensic Analysis of Cloud Storage Data Remnants .........................................95 Introduction ..................................................................................95 Google drive forensics: Windows 7 PC ......................................96 Commence (Scope) .................................................................96 Preparation ..............................................................................96 Evidence source identification and preservation ...................98 Collection ................................................................................98 Examination and analysis .......................................................98 Presentation ........................................................................... Ill Complete ...............................................................................115 Google drive forensics: Apple iPhone 3G ................................115 Commence (Scope) ...............................................................116 Preparation ............................................................................116 Evidence source identification and preservation .................116 Collection ..............................................................................116 Examination and analysis .....................................................117 Presentation ...........................................................................117 Complete ...............................................................................117 Google drive case study ............................................................118 Step 1— Commence (Scope) ................................................118 Step 2— Preparation ..............................................................118 Step 3— Evidence source identification and preservation ...............................................................119 Step 4— Collection ...............................................................120 Step 5— Examination and analysis .......................................121 Step 6— Presentation ............................................................121 Step 7—Complete .................................................................121 Conclusion .................................................................................121 CHAPTER 6 CHAPTER 7 Summary of Microsoft SkyDrive, Dropbox, and Google Drive findings ..........................................................122 References ..................................................................................123 Appendix A ................................................................................124 Open Source Cloud Storage Forensics: ownCloud as a Case Study ..................................127 Introduction ................................................................................127 Cloud forensics framework ..................................................129 Outline ..................................................................................130 Experiment setup .......................................................................130 ownCloud overview ..............................................................130 Environment configuration ...................................................131 Findings ......................................................................................132 Client forensics .....................................................................132 Evidence source identification and preservation, and collection ..........................................................................133 Examination and analysis of client devices .........................134 Reporting and presentation ...................................................138 Server forensics ....................................................................138 Evidence source identification and preservation .................139 Collection ..............................................................................141 Server examination and analysis ..........................................143 Summary of findings ............................................................147 Conclusion .................................................................................148 References ..................................................................................150 Forensic Collection of Cloud Storage Data: Does the Act of Collection Result in Changes to the Data or its Metadata? ................................153 Introduction ................................................................................153 Cloud storage providers .............................................................154 Dropbox ................................................................................154 Google Drive ........................................................................155 Microsoft SkyDrive ..............................................................156 Data collection via Internet access to a user account ...............156 Dropbox ................................................................................159 Google Drive ........................................................................162 Microsoft SkyDrive ..............................................................164 Research findings: discussion ...................................................168 File contents ..........................................................................168 Dates and times ....................................................................169 Client software dates and times ...........................................169 Browser dates and times .......................................................169 Verification of findings ........................................................170 Summary ...............................................................................171 Conclusion .................................................................................172 References ..................................................................................173 CHAPTER 8 Conclusion and Future Work ................................175 Research summary .....................................................................175 Future work ................................................................................178 Glossary .................................................................................................................179 Index ......................................................................................................................183
any_adam_object	1
author	Quick, Darren Martini, Ben Choo, Kim-Kwang Raymond
author_GND	(DE-588)137128738
author_facet	Quick, Darren Martini, Ben Choo, Kim-Kwang Raymond
author_role	aut aut aut
author_sort	Quick, Darren
author_variant	d q dq b m bm k k r c kkr kkrc
building	Verbundindex
bvnumber	BV041994606
classification_rvk	ST 277
ctrlnum	(OCoLC)889931974 (DE-599)BSZ399486623
dewey-full	363.25028546782
dewey-hundreds	300 - Social sciences
dewey-ones	363 - Other social problems and services
dewey-raw	363.25028546782
dewey-search	363.25028546782
dewey-sort	3363.25028546782
dewey-tens	360 - Social problems and services; associations
discipline	Informatik Soziologie
format	Book
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01943nam a2200445 c 4500</leader><controlfield tag="001">BV041994606</controlfield><controlfield tag="003">DE-604</controlfield><controlfield tag="005">20140819 </controlfield><controlfield tag="007">t\|</controlfield><controlfield tag="008">140725s2014 xx d\|\|\| \|\|\|\| 00\|\|\| eng d</controlfield><datafield tag="016" ind1="7" ind2=" "><subfield code="a">016546960</subfield><subfield code="2">DE-101</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9780124199705</subfield><subfield code="c">pbk. : £42.99</subfield><subfield code="9">978-012-419-970-5</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)889931974</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-599)BSZ399486623</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-604</subfield><subfield code="b">ger</subfield></datafield><datafield tag="041" ind1="0" ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-739</subfield></datafield><datafield tag="082" ind1="0" ind2=" "><subfield code="a">363.25028546782</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">ST 277</subfield><subfield code="0">(DE-625)143643:</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Quick, Darren</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Cloud storage forensics</subfield><subfield code="c">Darren Quick ; Ben Martini ; Kim-Kwang Raymond Choo</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Amsterdam [u.a.]</subfield><subfield code="b">Elsevier Syngress</subfield><subfield code="c">2014</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">XVIII, 189 S.</subfield><subfield code="b">graph. Darst.</subfield><subfield code="c">24 cm</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="490" ind1="0" ind2=" "><subfield code="a">Syngress</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Datenverarbeitung</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Computer crimes / Investigation</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Forensic sciences / Data processing</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Cloud computing</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Information storage and retrieval systems</subfield></datafield><datafield tag="650" ind1="0" ind2="7"><subfield code="a">Computerforensik</subfield><subfield code="0">(DE-588)4774034-6</subfield><subfield code="2">gnd</subfield><subfield code="9">rswk-swf</subfield></datafield><datafield tag="689" ind1="0" ind2="0"><subfield code="a">Computerforensik</subfield><subfield code="0">(DE-588)4774034-6</subfield><subfield code="D">s</subfield></datafield><datafield tag="689" ind1="0" ind2=" "><subfield code="5">DE-604</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Martini, Ben</subfield><subfield code="e">Verfasser</subfield><subfield code="4">aut</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Choo, Kim-Kwang Raymond</subfield><subfield code="e">Verfasser</subfield><subfield code="0">(DE-588)137128738</subfield><subfield code="4">aut</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Passau - ADAM Catalogue Enrichment</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=027436771&sequence=000003&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Inhaltsverzeichnis</subfield></datafield><datafield tag="856" ind1="4" ind2="2"><subfield code="m">Digitalisierung UB Passau - ADAM Catalogue Enrichment</subfield><subfield code="q">application/pdf</subfield><subfield code="u">http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=027436771&sequence=000004&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA</subfield><subfield code="3">Klappentext</subfield></datafield><datafield tag="943" ind1="1" ind2=" "><subfield code="a">oai:aleph.bib-bvb.de:BVB01-027436771</subfield></datafield></record></collection>
id	DE-604.BV041994606
illustrated	Illustrated
indexdate	2024-12-20T16:59:39Z
institution	BVB
isbn	9780124199705
language	English
oai_aleph_id	oai:aleph.bib-bvb.de:BVB01-027436771
oclc_num	889931974
open_access_boolean
owner	DE-739
owner_facet	DE-739
physical	XVIII, 189 S. graph. Darst. 24 cm
publishDate	2014
publishDateSearch	2014
publishDateSort	2014
publisher	Elsevier Syngress
record_format	marc
series2	Syngress
spellingShingle	Quick, Darren Martini, Ben Choo, Kim-Kwang Raymond Cloud storage forensics Datenverarbeitung Computer crimes / Investigation Forensic sciences / Data processing Cloud computing Information storage and retrieval systems Computerforensik (DE-588)4774034-6 gnd
subject_GND	(DE-588)4774034-6
title	Cloud storage forensics
title_auth	Cloud storage forensics
title_exact_search	Cloud storage forensics
title_full	Cloud storage forensics Darren Quick ; Ben Martini ; Kim-Kwang Raymond Choo
title_fullStr	Cloud storage forensics Darren Quick ; Ben Martini ; Kim-Kwang Raymond Choo
title_full_unstemmed	Cloud storage forensics Darren Quick ; Ben Martini ; Kim-Kwang Raymond Choo
title_short	Cloud storage forensics
title_sort	cloud storage forensics
topic	Datenverarbeitung Computer crimes / Investigation Forensic sciences / Data processing Cloud computing Information storage and retrieval systems Computerforensik (DE-588)4774034-6 gnd
topic_facet	Datenverarbeitung Computer crimes / Investigation Forensic sciences / Data processing Cloud computing Information storage and retrieval systems Computerforensik
url	http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=027436771&sequence=000003&line_number=0001&func_code=DB_RECORDS&service_type=MEDIA http://bvbr.bib-bvb.de:8991/F?func=service&doc_library=BVB01&local_base=BVB01&doc_number=027436771&sequence=000004&line_number=0002&func_code=DB_RECORDS&service_type=MEDIA
work_keys_str_mv	AT quickdarren cloudstorageforensics AT martiniben cloudstorageforensics AT chookimkwangraymond cloudstorageforensics

Verfügbarkeit

‌

Per Fernleihe bestellen Inhaltsverzeichnis