Analysis of Dataset in Private Cloud for Cloud Forensics Using Eucalyptus and Hadoop

Abstract

At present, in most of the areas of research, development and daily usage, almost all platforms and service providers are dependent on cloud computing. To achieve scalability and sustainability, cloud architecture is considered as a result of technological amalgamation. If the design of the architecture is complex in nature, it could have adverse effects on data recoverability and analysis when the system gets compromised. This type of structure introduces issues like inherent architecture flaws, backdoors, code smelling which could lead to exploitable vulnerabilities for hackers and scammers. Likewise, its complex nature puts limits on forensic investigation methods. For such problems, digital forensic provides a solution. It uses the three-stage approach which consists of evidence collection eye-witnessed by the user, evidence preservation in an unaltered way, offline safeguarding of evidence for feigning its collection. Among its various methods like live forensics, timeline analysis, logging, sandboxing, logging is generalized and easy to use method. The proposed work is about digital forensic technique, log analysis, which is the most effective approach to override investigation issues in the cloud environment. Snort, Network Intrusion Detection System (NIDS), will work as a daemon on Eucalyptus private cloud to monitor and log intrusive attempts of network activities on it. Second, the proposed approach will fix the incapability of Eucalyptus to export logs to the rSyslog server. Third, the generated datasets, irrespective of location and format, would be analyzed by Hadoop, for improved analysis of a system.