Design of Security Technique through Secure Logging for Cloud Forensics
Jyoti Rao (1), Aboli Deshpande (2), Pramod Patil (3), Swati Nikam (4)

(1) Dr. Jyoti Rao, Department of Computer Engineering, DIT, Pimpri, Pune, India.
(2) Aboli Deshpande, Department of Computer Engineering, DIT, Pimpri, Pune, India.
(3) Dr. Pramod Patil, Department of Computer Engineering, DIT, Pimpri, Pune, India.
(4) Ms. Swati Nikam, Department of Computer Engineering, DIT, Pimpri, Pune, India.
Manuscript received on July 20, 2019. | Revised Manuscript received on August 10, 2019. | Manuscript published on August 30, 2019. | PP: 4035-4043 | Volume-8 Issue-6, August 2019. | Retrieval Number: F9312088619/2019©BEIESP | DOI: 10.35940/ijeat.F9312.088619
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)

Abstract: Cloud computing now has a new edge computing paradigm. Cloud computing architectures sometimes do not support computer forensics investigations. Analyzing various types of logs and logging mechanisms plays an important role in computer forensics. Because of the distributed nature of the cloud and its multi-tenant models, where many users share the same processing and network resources, collecting, storing and analyzing logs from a cloud is very hard. User activity logs can be a valuable source of information in cloud forensic investigations. Generally, cloud service providers (CSPs) have access to the activity logs of cloud users, and a CSP can tamper with the logs so that the investigator cannot reach the real culprit. In such an environment, log security is one of the challenges in the cloud. Well-known organizations use logging techniques to monitor employees’ behavior, to keep track of malicious activities and to protect cloud networks from intrusion. Ensuring the reliability and integrity of logs is crucial. Most existing solutions for secure logging are designed for traditional systems rather than the complexity of a cloud environment. In the proposed framework, a secure logging environment is provided by storing and processing activity logs and encrypting them using an advanced encryption method. It detects DDoS (distributed denial of service) attacks on cloud infrastructure by using the logs published on the cloud and is thus helpful in cloud forensics. The attack is detected by the investigator using the application activity logs available on the cloud server. A searchable encryption algorithm will be used to increase the security of the logging mechanism and to maintain the confidentiality and privacy of user data. A proof of past logs (PPL) is created by storing logs at more than one place. This PPL helps in verifying logs changed by the CSP. The actual implementation of this application on an AWS Infrastructure as a Service (IaaS) cloud shows real-time use of this structure.
Keywords: Activity logs, Cloud forensics, Distributed denial of service, Searchable encryption.
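
How a proof kept in more than one place lets an investigator detect changed logs, as an added example that is not the paper's implementation. It assumes the proof is a SHA-256 hash chain over the log entries rather than full log copies; the function names, the in-memory stores and the log lines are constructed for illustration.

```python
import hashlib

def chain_digest(entries, seed=b"ppl-example"):
    """Fold entries into one hash-chain head; an edit, deletion or reorder changes it."""
    head = hashlib.sha256(seed).digest()
    for entry in entries:
        entry_hash = hashlib.sha256(entry.encode("utf-8")).digest()
        head = hashlib.sha256(head + entry_hash).digest()
    return head.hex()

def publish_proof(entries, stores):
    """Write the same proof to every store (dicts stand in for independent locations)."""
    proof = chain_digest(entries)
    for store in stores:
        store["proof"] = proof
    return proof

def verify_logs(entries, stores):
    """Return 'intact', 'logs_tampered' or 'proofs_disagree'."""
    proofs = {store.get("proof") for store in stores}
    # A missing or differing proof means a proof location itself was altered,
    # so the logs cannot be judged against it.
    if len(proofs) != 1 or None in proofs:
        return "proofs_disagree"
    if chain_digest(entries) == proofs.pop():
        return "intact"
    return "logs_tampered"

# Constructed sample activity log (not data from the paper).
SAMPLE_LOGS = [
    "2019-08-01T10:00:01Z user=alice action=login src=198.51.100.7",
    "2019-08-01T10:00:05Z user=alice action=start_vm id=vm-01",
    "2019-08-01T10:02:40Z user=bob action=login src=203.0.113.9",
]

if __name__ == "__main__":
    provider_store, external_store = {}, {}
    publish_proof(SAMPLE_LOGS, [provider_store, external_store])
    print(verify_logs(SAMPLE_LOGS, [provider_store, external_store]))
    edited = list(SAMPLE_LOGS)
    edited[2] = edited[2].replace("bob", "carol")  # simulated change by the log holder
    print(verify_logs(edited, [provider_store, external_store]))
```

Keeping one proof copy outside the log holder's control is what makes the comparison meaningful: a party that can rewrite both the logs and every proof can make them agree again.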