A Study On The Digital Evidence Collection Forensic Mechanism Based On Cloud Computing Warfare

• Main Authors: Hsu,Iansue, 許硯舒
• Other Authors: Woo,Taikuo
• Format: Others
• Language: zh-TW
• Published: 2012
• Online Access: http://ndltd.ncl.edu.tw/handle/56223770921970279640

碩士 === 國防大學管理學院 === 資訊管理學系 === 100 === There are some safety-related secret worries behind the visualization structure of Cloud computing. Although they are similar to traditional cyber attack modeling, they are more complicated and the extensive scopes are broader, which make the exterior information security protective equipment could not obtain the evidence effectively; furthermore, while building multiple Virtual Machine and sharing resources on a single server, if one of the machines comes up against the vulnerabilities of security, it would lead to severe impacts. As a result, we have to carefully control and manage them to avoid being targeted by hacker’s attack. Moreover, during the traditional Digital Evidence Collection and the analytic process, it may cause loses of digital evidence on account for the mis-operations by the staff members and the misuses of equipments. Traditional Honey-Pot is classified as a passive trap which entices the invaders to attack. Therefore, the objectives of active Digital Evidence Collection Forensics are to pre-deploy the collection and the analyzing equipments on the vulnerable or specific targets. Subsequently, the attack information will be recorded, analyzed, related by the system instantly. The research pre-deploy the honey-pot system in the virtualized environment, and use the additional snapshot model of VM model, to build the environment for the active Digital Evidence Collection Forensics, and to collect the host’s system, flow rare and security control facilities of the Virtual Machine. If any network attacking occurred, it will relate the event records to reconstruct the process of the network attacking event.