“Box Analysis” – Data Remnants on User Machines
“Box Analysis” – Data Remnants on User Machines
By
TP030662 – Fahad Nasir Dalwai
TP027308 – Ahmed Izhan
TP023019 – Dhaavan Satchi
UC3F1402 IT { ISS, FC }
Module: CT017 - Data Recovery
Supervised by Dr. ALI DEHGHANTANHA
May 2014
Table of Contents
List of Figures
List of Tables
ABSTRACT
Cloud computing is a new computing paradigm that has attracted many computer users, business, and government agencies and can potentially store a large amount of data. Cloud computing has brought lot of advantages especially in ubiquitous service where everybody can access computer services through the internet. With cloud computing, there is no need of physical hardware or servers that will support the company’s computer system, Internet services and also networks. Data storage has been recognized as one of the main concerns in the field of information technology in the past decades due to the security of the data; hence a vast amount of quantity of efforts has been made in the area of distributed storage security. But in the era of rapid-growth in technology, with the various types of cloud storage computing available, it makes it easier for hackers to hack into anything with good penetration knowledge towards criminal activities. The retrieval of digital evidence form cloud storage services can a big challenge in a digital forensic investigation, due to the privacy issues, lack of knowledge on location digital evidences, and legal or jurisdictional boundaries. Box is one of the popular cloud storage services, providing users a very cost-effective with a free version, ability to access, store, collaborate, disseminate data and also managing data the easier way. Using Box as a case study, artifacts were identified that are likely to remain after the use of cloud storage, in the context of a series of experiments; on Windows 8.1, an Android and also on Apple iPhone, and the potential access point(s) for digital forensics examiners to
By
TP030662 – Fahad Nasir Dalwai
TP027308 – Ahmed Izhan
TP023019 – Dhaavan Satchi
UC3F1402 IT { ISS, FC }
Module: CT017 - Data Recovery
Supervised by Dr. ALI DEHGHANTANHA
May 2014
Table of Contents
List of Figures
List of Tables
ABSTRACT
Cloud computing is a new computing paradigm that has attracted many computer users, business, and government agencies and can potentially store a large amount of data. Cloud computing has brought lot of advantages especially in ubiquitous service where everybody can access computer services through the internet. With cloud computing, there is no need of physical hardware or servers that will support the company’s computer system, Internet services and also networks. Data storage has been recognized as one of the main concerns in the field of information technology in the past decades due to the security of the data; hence a vast amount of quantity of efforts has been made in the area of distributed storage security. But in the era of rapid-growth in technology, with the various types of cloud storage computing available, it makes it easier for hackers to hack into anything with good penetration knowledge towards criminal activities. The retrieval of digital evidence form cloud storage services can a big challenge in a digital forensic investigation, due to the privacy issues, lack of knowledge on location digital evidences, and legal or jurisdictional boundaries. Box is one of the popular cloud storage services, providing users a very cost-effective with a free version, ability to access, store, collaborate, disseminate data and also managing data the easier way. Using Box as a case study, artifacts were identified that are likely to remain after the use of cloud storage, in the context of a series of experiments; on Windows 8.1, an Android and also on Apple iPhone, and the potential access point(s) for digital forensics examiners to
References: 1) [1] History of Cloud Computing. 2014. History od Cloud Computing. [ONLINE] Available at http://www.eci.com/cloudforum/c;oud-computing-history.html. [Accessed: 12 May 2014]. 2) [2] J.Rittinghouse,J.Ransome, Cloud Computing: Implementation, Management, and Security, 2009 . 3) [3] Prasanta GogoiB, Borah,D K Bhattacharyya, Anomaly Detection Analysis of Intrusion Data using Supervised & Unsupervised Approach, Journal of AICIT, AICIT, vol.5, no.1, pp.95-111, 2010. 4) [4]. AWS, “Amazon web services,” , [Accessed July 5th, 2012]. 5) [5]. R. Marty, “Cloud application logging for forensics,” in In proceedings of the 2011 ACM Symposium on Applied Computing. ACM, 2011, pp. 178–184. 6) [6]. T. Ristenpart, E. Tromer, H. Shacham, and S. Savage, “Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds,” in Proceedings of the 16th ACM conference on Computer and communications security. ACM, 2009, pp. 199–212. 7) [7]. D. Birk and C. Wegener, “Technical issues of forensic investigations in cloud computing environments,” Systematic Approaches to Digital Forensic Engineering, 2011. 8) [8]. J. Vacca, Computer forensics: computer crime scene investigation. Delmar Thomson Learning, 2005, vol. 1. 9) UC Berkeley Enron Email Analysis. (2014) [Online] Available from: http://bailando.sims.berkeley.edu/enron_email.html. [Accessed: 14th April 2014] 10) box. (2014) Your Hard Drive in the Cloud. [Online] Available from: https://www.box.com/personal/store-files-online/. [Accessed: 15th May 2014]