Forensic Analysis of Distributed Service Oriented Computing Platforms

Cloud computing is quickly becoming pervasive. M illions of concurrent users are taking advantage of the flexibility offered by cloud computing platforms. The use of the l arge scale global storage provided by cloud computing presents a barrier to existing digital forensic techniques which were developed to target single hosts containing a small number of storage devices. By analysing computers to determine if they have been used in the commission of a crime or breach of policy. Various techniques are employed to analyse all aspects of a computer and/or network to determine if malicious activity has occurred. One such technique is signature detection, where signatures from know illicit files are searched for to determine their presence on a computer or storage device. We have identified that the volume and distribution of data in cloud platforms presents a barrier to the application of existing signature detection techniques. The focus of this paper is the development and implementation of a distributed signature detection framework that will enable forensic analysis of cloud storage platforms.