Log Analysis Methods for Cloud Forensics

Three log analysis methods were proposed in this book to identify analyze and preserve the potential evidence in a log file. An intrusion detection method based on Bayesian Fuzzy Clustering (BFC) and two levels of Gravitational- Group search based SVNN is proposed to help cloud forensic investigators in identifying potential evidence about an intrusion. A multi-level and mutual log integrity preservation approach using public key infrastructure for cloud forensics is proposed to prevent a criminal or cloud service provider or the forensic investigator himself tampering with the evidence on a log file to make the log file presentable evidence before law enforcement. A security protocol for evidence integrity preservation in cloud forensics using Blockchain technology is proposed to make the preservation of evidence (log) easy transparent and tamperproof to make it convenient for different entities involved in the investigation and post-investigation process to interact retrieve and verify the log files.