Event correlation in cloud: a forensic perspective
Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event c...
Detailed description

| Field | Value |
|---|---|
| Author | Kumar Raju, B. K. S. P. [author] |
| Format | Article |
| Language | English |
| Published | 2016 |
| Note | © Springer-Verlag Wien 2016 |
| Parent work | Contained in: Computing - Springer Vienna, 1966, 98(2016), 11, 04 June, pages 1203-1224 |
| Parent work | volume:98 ; year:2016 ; number:11 ; day:04 ; month:06 ; pages:1203-1224 |
| DOI / URN | 10.1007/s00607-016-0500-2 |
| Catalogue ID | OLC2061428762 |

LEADER | 01000caa a22002652 4500 | ||
---|---|---|---|
001 | OLC2061428762 | ||
003 | DE-627 | ||
005 | 20230502133805.0 | ||
007 | tu | ||
008 | 200819s2016 xx ||||| 00| ||eng c | ||
024 | 7 | |a 10.1007/s00607-016-0500-2 |2 doi | |
035 | |a (DE-627)OLC2061428762 | ||
035 | |a (DE-He213)s00607-016-0500-2-p | ||
040 | |a DE-627 |b ger |c DE-627 |e rakwb | ||
041 | |a eng | ||
082 | 0 | 4 | |a 004 |q VZ |
084 | |a SA 4220 |q VZ |2 rvk | ||
084 | |a SA 4220 |q VZ |2 rvk | ||
100 | 1 | |a Kumar Raju, B. K. S. P. |e verfasserin |4 aut | |
245 | 1 | 0 | |a Event correlation in cloud: a forensic perspective |
264 | 1 | |c 2016 | |
336 | |a Text |b txt |2 rdacontent | ||
337 | |a ohne Hilfsmittel zu benutzen |b n |2 rdamedia | ||
338 | |a Band |b nc |2 rdacarrier | ||
500 | |a © Springer-Verlag Wien 2016 | ||
520 | |a Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event correlation in cloud is relatively at its early stages. We categorize the cloud event correlation in to two stages. In the first stage, we consider the events from the perspective of single artifact and perform correlation (homogeneous correlation). In the second stage, we collect the events from multiple artifacts and then perform correlation (heterogeneous correlation). The proposed approach helps automate the detection of incidents from cloud evidences and also speedup the event interpretation process by the investigator. | ||
650 | 4 | |a Cloud computing | |
650 | 4 | |a Event correlation | |
650 | 4 | |a Incident handling | |
650 | 4 | |a Cloud forensics | |
700 | 1 | |a Geethakumari, G. |4 aut | |
773 | 0 | 8 | |i Enthalten in |t Computing |d Springer Vienna, 1966 |g 98(2016), 11 vom: 04. Juni, Seite 1203-1224 |w (DE-627)129534927 |w (DE-600)215907-7 |w (DE-576)014963949 |x 0010-485X |7 nnns |
773 | 1 | 8 | |g volume:98 |g year:2016 |g number:11 |g day:04 |g month:06 |g pages:1203-1224 |
856 | 4 | 1 | |u https://doi.org/10.1007/s00607-016-0500-2 |z lizenzpflichtig |3 Volltext |
912 | |a GBV_USEFLAG_A | ||
912 | |a SYSFLAG_A | ||
912 | |a GBV_OLC | ||
912 | |a SSG-OLC-TEC | ||
912 | |a SSG-OLC-MAT | ||
912 | |a SSG-OPC-MAT | ||
912 | |a GBV_ILN_24 | ||
912 | |a GBV_ILN_65 | ||
912 | |a GBV_ILN_70 | ||
912 | |a GBV_ILN_2088 | ||
912 | |a GBV_ILN_4318 | ||
912 | |a GBV_ILN_4323 | ||
936 | r | v | |a SA 4220 |
936 | r | v | |a SA 4220 |
951 | |a AR | ||
952 | |d 98 |j 2016 |e 11 |b 04 |c 06 |h 1203-1224 |