Dept. of CSE, JNTUK University, College of Engineering, Vizianagaram, Vizianagaram, India
*Corresponding Author: tsrkrishna@jntukucev.ac.in
Online published on 21 September, 2023.
The increasing growth of cloud computing makes the forensic investigation complex. It is very significant to collect and preserve the admissible evidences of different actions happened in the cloud environment in spite of collusion problem. The forensic investigation of logs poses a great challenge to make sure that the investigated logs are not tampered and consistent. Various integrity preservation methods are developed to secure the trustworthy evidences of cloud, but storing the logs of user actions and to ensure the trustworthiness with respect to forensic investigation still result a challenging issue in cloud. Hence, an effective multi-level and mutual log integrity preservation method is developed to assure the integrity of log evidence using public key infrastructure. The integrity preservation mechanism is modelled by employing the security mechanisms, such as hashing, encryption, decryption, and walsh transform. The communication between the entities is achieved by generating the keys using the hashing and encryption function with the concatenation operator. However, the public key and the random number is used to generate the message that can be exchanged between the cloud entities. The investigation process is done by the investigator for transferring the encrypted log file to the server. The proposed method achieved higher performance by considering the 500 number of cloud users in terms of detection rate, memory, and time with the values of 0.9828, 2185 bytes, and 7287 ms, respectively.
Cloud Security, Cloud Forensics, Evidence Integrity, Log Analysis, Public Key