{"title":"Ceph的法医检查","authors":"Florian Bausch, Andreas Dewald","doi":"10.1145/3609862","DOIUrl":null,"url":null,"abstract":"The concept of Software Defined Storage (SDS) has become very popular over the last few years. It is used in public, private, and hybrid clouds to store enterprise, private, and other kinds of data. Ceph is an open source software that implements an SDS stack. This article analyzes the data found on storage devices (Object Store Devices (OSDs)) used to store Ceph BlueStore data from a data forensics point of view. The Object Store Device (OSD) data is categorized using the model proposed by Carrier into the five categories file system, content, metadata, file name, and application category. It then describes how the different data can be connected to present useful information about the content of an OSD and presents the implementation of a forensic software tool for OSD analysis based on Ceph 12.2.4 luminous.","PeriodicalId":202552,"journal":{"name":"Digital Threats: Research and Practice","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Forensic Examination of Ceph\",\"authors\":\"Florian Bausch, Andreas Dewald\",\"doi\":\"10.1145/3609862\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The concept of Software Defined Storage (SDS) has become very popular over the last few years. It is used in public, private, and hybrid clouds to store enterprise, private, and other kinds of data. Ceph is an open source software that implements an SDS stack. This article analyzes the data found on storage devices (Object Store Devices (OSDs)) used to store Ceph BlueStore data from a data forensics point of view. The Object Store Device (OSD) data is categorized using the model proposed by Carrier into the five categories file system, content, metadata, file name, and application category. It then describes how the different data can be connected to present useful information about the content of an OSD and presents the implementation of a forensic software tool for OSD analysis based on Ceph 12.2.4 luminous.\",\"PeriodicalId\":202552,\"journal\":{\"name\":\"Digital Threats: Research and Practice\",\"volume\":\"10 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-07-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Digital Threats: Research and Practice\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3609862\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Digital Threats: Research and Practice","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3609862","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
摘要
软件定义存储(SDS)的概念在过去几年中变得非常流行。它用于公共、私有和混合云中,以存储企业、私有和其他类型的数据。Ceph是一个实现SDS堆栈的开源软件。本文从数据取证的角度分析了用于存储Ceph BlueStore数据的存储设备(对象存储设备)上的数据。OSD (Object Store Device)数据按照Carrier提出的模型分为文件系统、内容、元数据、文件名和应用类别五类。然后介绍了如何将不同的数据连接起来,以提供有关OSD内容的有用信息,并介绍了基于Ceph 12.2.4 luminous的OSD分析取证软件工具的实现。
The concept of Software Defined Storage (SDS) has become very popular over the last few years. It is used in public, private, and hybrid clouds to store enterprise, private, and other kinds of data. Ceph is an open source software that implements an SDS stack. This article analyzes the data found on storage devices (Object Store Devices (OSDs)) used to store Ceph BlueStore data from a data forensics point of view. The Object Store Device (OSD) data is categorized using the model proposed by Carrier into the five categories file system, content, metadata, file name, and application category. It then describes how the different data can be connected to present useful information about the content of an OSD and presents the implementation of a forensic software tool for OSD analysis based on Ceph 12.2.4 luminous.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
