Digital Forensics Architecture for Evidence Collection and Provenance Preservation in IaaS Cloud Environment Using SDN and Blockchain Technology

Cloud forensics is an intelligent evolution of digital forensics that defends against cyber-crimes. However, centralized evidence collection and preservation minimizes the reliability of digital evidence. To resolve this severe problem, this paper proposes a novel digital forensic architecture using...

Bibliographic Details
Main Authors: Mehran Pourvahab, Gholamhossein Ekbatanifard
Format: Article
Language: English
Published: IEEE 2019-01-01
Series: IEEE Access
Subjects: Software-defined networking; blockchain; evidence collection; cloud forensics; security
Online Access: https://ieeexplore.ieee.org/document/8865056/
id doaj-27286d9c3893461097d08ca67a16ee1c
record_format Article
spelling doaj-27286d9c3893461097d08ca67a16ee1c
Record timestamp: 2021-03-29T23:03:40Z
Language: eng
Publisher: IEEE
Journal: IEEE Access, ISSN 2169-3536
Published: 2019-01-01, volume 7, pages 153349-153364
DOI: 10.1109/ACCESS.2019.2946978
IEEE Xplore document: 8865056
Title: Digital Forensics Architecture for Evidence Collection and Provenance Preservation in IaaS Cloud Environment Using SDN and Blockchain Technology
Authors:
Mehran Pourvahab (https://orcid.org/0000-0002-0034-5506), Department of Computer Engineering, Islamic Azad University, Rasht Branch, Rasht, Iran
Gholamhossein Ekbatanifard (https://orcid.org/0000-0003-3216-0511), Department of Computer Engineering, Islamic Azad University, Lahijan Branch, Lahijan, Iran
Abstract: Cloud forensics is an intelligent evolution of digital forensics that defends against cyber-crimes. However, centralized evidence collection and preservation minimizes the reliability of digital evidence. To resolve this severe problem, this paper proposes a novel digital forensic architecture using fast-growing Software-Defined Networking (SDN) and Blockchain technology for Infrastructure-as-a-Service (IaaS) cloud. In this proposed forensic architecture, the evidence is collected and preserved in the blockchain that is distributed among multiple peers. To protect the system from unauthorized users, Secure Ring Verification based Authentication (SRVA) scheme is proposed. To strengthen the cloud environment, secret keys are generated optimally by using Harmony Search Optimization (HSO) algorithm. All data are encrypted based on the sensitivity level and stored in the cloud server. For encryption, Sensitivity Aware Deep Elliptic Curve Cryptography (SA-DECC) algorithm is presented. For every data stored in the cloud, a block is created in the SDN controller and the history of data is recorded as metadata. In each block, the Merkle hash tree is built by using Secure Hashing Algorithm-3 (SHA-3). Our system allows users to trace their data by deploying Fuzzy based Smart Contracts (FCS). Finally, evidence analysis is enabled by constructing Logical Graph of Evidence (LGoE) collected from the blockchain. Experiments are conducted in an integrated environment of java (for cloud and blockchain) and network simulator-3.26 (for SDN). The extensive analysis shows that proposed forensic architecture shows promising results in Response time, Evidence insertion time, Evidence verification time, Communication overhead, Hash computation time, Key generation time, Encryption time, Decryption time and total change rate.
URL: https://ieeexplore.ieee.org/document/8865056/
Keywords: Software-defined networking; blockchain; evidence collection; cloud forensics; security
collection DOAJ
language English
format Article
sources DOAJ
author Mehran Pourvahab
Gholamhossein Ekbatanifard
publisher IEEE
series IEEE Access
issn 2169-3536
publishDate 2019-01-01
topic Software-defined networking
blockchain
evidence collection
cloud forensics
security
url https://ieeexplore.ieee.org/document/8865056/