LiveForen: Ensuring live forensic integrity in the cloud

Author

Anyi LIU
Huirong FU
Yuan HONG
Jigang LIU
Yingjiu LI, Singapore Management UniversityFollow

Publication Type

Journal Article

Publication Date

10-2019

Abstract

To expedite the forensic investigation process in the cloud, excessive and yet volatile data need to be acquired, transmitted, and analyzed in a timely manner. A common assumption for most existing forensic systems is that credible data can always be collected from a cloud infrastructure, which might be susceptible to various exploits. In this paper, we present the design, implementation, and evaluation of LiveForen, a system that enforces a trustworthy forensic data acquisition and transmission process in the cloud, whose computer platforms' integrity has been verified. To fulfill this objective, we propose two secure protocols that verify the fingerprints of the computer platforms, as well as the attributes of the human agents, by taking advantage of the trusted platform module and the attribute-based encryption. To transmit forensic data as a data stream and verify its integrity at the same time, a unique fragile watermark is embedded into the data stream without altering the data itself. The watermark allows not only the data integrity to be verified but also any malicious data manipulation to be localized, with minimum communication overhead. The experimental results demonstrate that LiveForen achieves good scalability and limited performance overhead for authentication, data transmission, and integrity verification in an Infrastructure-as-a-Service cloud environment.

Keywords

Attribute-based encryption, Cybercrime, Cybersecurity, Fragile watermark, Trusted computing, Trusted platform module

Discipline

Information Security

Research Areas

Cybersecurity

Publication

IEEE Transactions on Information Forensics and Security

Volume

14

Issue

10

First Page

2749

Last Page

2764

ISSN

1556-6013

Identifier

10.1109/TIFS.2019.2898841

Publisher

Institute of Electrical and Electronics Engineers (IEEE)

Citation

LIU, Anyi; FU, Huirong; HONG, Yuan; LIU, Jigang; and LI, Yingjiu. LiveForen: Ensuring live forensic integrity in the cloud. (2019). IEEE Transactions on Information Forensics and Security. 14, (10), 2749-2764.
Available at: https://ink.library.smu.edu.sg/sis_research/4410

Additional URL

https://doi.org/10.1109/TIFS.2019.2898841