Event correlation in cloud: a forensic perspective

Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event c...
Ausführliche Beschreibung

Gespeichert in:

Autor*in:	Kumar Raju, B. K. S. P. [verfasserIn] Geethakumari, G.

Format:	Artikel
Sprache:	Englisch

Erschienen:	2016

Schlagwörter:	Cloud computing Event correlation Incident handling Cloud forensics

Systematik:	SA 4220 SA 4220

Anmerkung:	© Springer-Verlag Wien 2016

Übergeordnetes Werk:	Enthalten in: Computing - Springer Vienna, 1966, 98(2016), 11 vom: 04. Juni, Seite 1203-1224
Übergeordnetes Werk:	volume:98 ; year:2016 ; number:11 ; day:04 ; month:06 ; pages:1203-1224

Links:	Volltext

DOI / URN:	10.1007/s00607-016-0500-2

Katalog-ID:	OLC2061428762

Internformat


LEADER	01000caa a22002652 4500
001	OLC2061428762
003	DE-627
005	20230502133805.0
007	tu
008	200819s2016 xx \|\|\|\|\| 00\| \|\|eng c
024	7		\|a 10.1007/s00607-016-0500-2 \|2 doi
035			\|a (DE-627)OLC2061428762
035			\|a (DE-He213)s00607-016-0500-2-p
040			\|a DE-627 \|b ger \|c DE-627 \|e rakwb
041			\|a eng
082	0	4	\|a 004 \|q VZ
084			\|a SA 4220 \|q VZ \|2 rvk
084			\|a SA 4220 \|q VZ \|2 rvk
100	1		\|a Kumar Raju, B. K. S. P. \|e verfasserin \|4 aut
245	1	0	\|a Event correlation in cloud: a forensic perspective
264		1	\|c 2016
336			\|a Text \|b txt \|2 rdacontent
337			\|a ohne Hilfsmittel zu benutzen \|b n \|2 rdamedia
338			\|a Band \|b nc \|2 rdacarrier
500			\|a © Springer-Verlag Wien 2016
520			\|a Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event correlation in cloud is relatively at its early stages. We categorize the cloud event correlation in to two stages. In the first stage, we consider the events from the perspective of single artifact and perform correlation (homogeneous correlation). In the second stage, we collect the events from multiple artifacts and then perform correlation (heterogeneous correlation). The proposed approach helps automate the detection of incidents from cloud evidences and also speedup the event interpretation process by the investigator.
650		4	\|a Cloud computing
650		4	\|a Event correlation
650		4	\|a Incident handling
650		4	\|a Cloud forensics
700	1		\|a Geethakumari, G. \|4 aut
773	0	8	\|i Enthalten in \|t Computing \|d Springer Vienna, 1966 \|g 98(2016), 11 vom: 04. Juni, Seite 1203-1224 \|w (DE-627)129534927 \|w (DE-600)215907-7 \|w (DE-576)014963949 \|x 0010-485X \|7 nnns
773	1	8	\|g volume:98 \|g year:2016 \|g number:11 \|g day:04 \|g month:06 \|g pages:1203-1224
856	4	1	\|u https://doi.org/10.1007/s00607-016-0500-2 \|z lizenzpflichtig \|3 Volltext
912			\|a GBV_USEFLAG_A
912			\|a SYSFLAG_A
912			\|a GBV_OLC
912			\|a SSG-OLC-TEC
912			\|a SSG-OLC-MAT
912			\|a SSG-OPC-MAT
912			\|a GBV_ILN_24
912			\|a GBV_ILN_65
912			\|a GBV_ILN_70
912			\|a GBV_ILN_2088
912			\|a GBV_ILN_4318
912			\|a GBV_ILN_4323
936	r	v	\|a SA 4220
936	r	v	\|a SA 4220
951			\|a AR
952			\|d 98 \|j 2016 \|e 11 \|b 04 \|c 06 \|h 1203-1224

Indexfelder

author_variant	r b k s p k rbksp rbkspk g g gg
matchkey_str	article:0010485X:2016----::vncreainnluaoes
hierarchy_sort_str	2016
publishDate	2016
allfields	10.1007/s00607-016-0500-2 doi (DE-627)OLC2061428762 (DE-He213)s00607-016-0500-2-p DE-627 ger DE-627 rakwb eng 004 VZ SA 4220 VZ rvk SA 4220 VZ rvk Kumar Raju, B. K. S. P. verfasserin aut Event correlation in cloud: a forensic perspective 2016 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer-Verlag Wien 2016 Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event correlation in cloud is relatively at its early stages. We categorize the cloud event correlation in to two stages. In the first stage, we consider the events from the perspective of single artifact and perform correlation (homogeneous correlation). In the second stage, we collect the events from multiple artifacts and then perform correlation (heterogeneous correlation). The proposed approach helps automate the detection of incidents from cloud evidences and also speedup the event interpretation process by the investigator. Cloud computing Event correlation Incident handling Cloud forensics Geethakumari, G. aut Enthalten in Computing Springer Vienna, 1966 98(2016), 11 vom: 04. Juni, Seite 1203-1224 (DE-627)129534927 (DE-600)215907-7 (DE-576)014963949 0010-485X nnns volume:98 year:2016 number:11 day:04 month:06 pages:1203-1224 https://doi.org/10.1007/s00607-016-0500-2 lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT SSG-OPC-MAT GBV_ILN_24 GBV_ILN_65 GBV_ILN_70 GBV_ILN_2088 GBV_ILN_4318 GBV_ILN_4323 SA 4220 SA 4220 AR 98 2016 11 04 06 1203-1224
spelling	10.1007/s00607-016-0500-2 doi (DE-627)OLC2061428762 (DE-He213)s00607-016-0500-2-p DE-627 ger DE-627 rakwb eng 004 VZ SA 4220 VZ rvk SA 4220 VZ rvk Kumar Raju, B. K. S. P. verfasserin aut Event correlation in cloud: a forensic perspective 2016 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer-Verlag Wien 2016 Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event correlation in cloud is relatively at its early stages. We categorize the cloud event correlation in to two stages. In the first stage, we consider the events from the perspective of single artifact and perform correlation (homogeneous correlation). In the second stage, we collect the events from multiple artifacts and then perform correlation (heterogeneous correlation). The proposed approach helps automate the detection of incidents from cloud evidences and also speedup the event interpretation process by the investigator. Cloud computing Event correlation Incident handling Cloud forensics Geethakumari, G. aut Enthalten in Computing Springer Vienna, 1966 98(2016), 11 vom: 04. Juni, Seite 1203-1224 (DE-627)129534927 (DE-600)215907-7 (DE-576)014963949 0010-485X nnns volume:98 year:2016 number:11 day:04 month:06 pages:1203-1224 https://doi.org/10.1007/s00607-016-0500-2 lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT SSG-OPC-MAT GBV_ILN_24 GBV_ILN_65 GBV_ILN_70 GBV_ILN_2088 GBV_ILN_4318 GBV_ILN_4323 SA 4220 SA 4220 AR 98 2016 11 04 06 1203-1224
allfields_unstemmed	10.1007/s00607-016-0500-2 doi (DE-627)OLC2061428762 (DE-He213)s00607-016-0500-2-p DE-627 ger DE-627 rakwb eng 004 VZ SA 4220 VZ rvk SA 4220 VZ rvk Kumar Raju, B. K. S. P. verfasserin aut Event correlation in cloud: a forensic perspective 2016 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer-Verlag Wien 2016 Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event correlation in cloud is relatively at its early stages. We categorize the cloud event correlation in to two stages. In the first stage, we consider the events from the perspective of single artifact and perform correlation (homogeneous correlation). In the second stage, we collect the events from multiple artifacts and then perform correlation (heterogeneous correlation). The proposed approach helps automate the detection of incidents from cloud evidences and also speedup the event interpretation process by the investigator. Cloud computing Event correlation Incident handling Cloud forensics Geethakumari, G. aut Enthalten in Computing Springer Vienna, 1966 98(2016), 11 vom: 04. Juni, Seite 1203-1224 (DE-627)129534927 (DE-600)215907-7 (DE-576)014963949 0010-485X nnns volume:98 year:2016 number:11 day:04 month:06 pages:1203-1224 https://doi.org/10.1007/s00607-016-0500-2 lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT SSG-OPC-MAT GBV_ILN_24 GBV_ILN_65 GBV_ILN_70 GBV_ILN_2088 GBV_ILN_4318 GBV_ILN_4323 SA 4220 SA 4220 AR 98 2016 11 04 06 1203-1224
allfieldsGer	10.1007/s00607-016-0500-2 doi (DE-627)OLC2061428762 (DE-He213)s00607-016-0500-2-p DE-627 ger DE-627 rakwb eng 004 VZ SA 4220 VZ rvk SA 4220 VZ rvk Kumar Raju, B. K. S. P. verfasserin aut Event correlation in cloud: a forensic perspective 2016 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer-Verlag Wien 2016 Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event correlation in cloud is relatively at its early stages. We categorize the cloud event correlation in to two stages. In the first stage, we consider the events from the perspective of single artifact and perform correlation (homogeneous correlation). In the second stage, we collect the events from multiple artifacts and then perform correlation (heterogeneous correlation). The proposed approach helps automate the detection of incidents from cloud evidences and also speedup the event interpretation process by the investigator. Cloud computing Event correlation Incident handling Cloud forensics Geethakumari, G. aut Enthalten in Computing Springer Vienna, 1966 98(2016), 11 vom: 04. Juni, Seite 1203-1224 (DE-627)129534927 (DE-600)215907-7 (DE-576)014963949 0010-485X nnns volume:98 year:2016 number:11 day:04 month:06 pages:1203-1224 https://doi.org/10.1007/s00607-016-0500-2 lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT SSG-OPC-MAT GBV_ILN_24 GBV_ILN_65 GBV_ILN_70 GBV_ILN_2088 GBV_ILN_4318 GBV_ILN_4323 SA 4220 SA 4220 AR 98 2016 11 04 06 1203-1224
allfieldsSound	10.1007/s00607-016-0500-2 doi (DE-627)OLC2061428762 (DE-He213)s00607-016-0500-2-p DE-627 ger DE-627 rakwb eng 004 VZ SA 4220 VZ rvk SA 4220 VZ rvk Kumar Raju, B. K. S. P. verfasserin aut Event correlation in cloud: a forensic perspective 2016 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer-Verlag Wien 2016 Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event correlation in cloud is relatively at its early stages. We categorize the cloud event correlation in to two stages. In the first stage, we consider the events from the perspective of single artifact and perform correlation (homogeneous correlation). In the second stage, we collect the events from multiple artifacts and then perform correlation (heterogeneous correlation). The proposed approach helps automate the detection of incidents from cloud evidences and also speedup the event interpretation process by the investigator. Cloud computing Event correlation Incident handling Cloud forensics Geethakumari, G. aut Enthalten in Computing Springer Vienna, 1966 98(2016), 11 vom: 04. Juni, Seite 1203-1224 (DE-627)129534927 (DE-600)215907-7 (DE-576)014963949 0010-485X nnns volume:98 year:2016 number:11 day:04 month:06 pages:1203-1224 https://doi.org/10.1007/s00607-016-0500-2 lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT SSG-OPC-MAT GBV_ILN_24 GBV_ILN_65 GBV_ILN_70 GBV_ILN_2088 GBV_ILN_4318 GBV_ILN_4323 SA 4220 SA 4220 AR 98 2016 11 04 06 1203-1224
language	English
source	Enthalten in Computing 98(2016), 11 vom: 04. Juni, Seite 1203-1224 volume:98 year:2016 number:11 day:04 month:06 pages:1203-1224
sourceStr	Enthalten in Computing 98(2016), 11 vom: 04. Juni, Seite 1203-1224 volume:98 year:2016 number:11 day:04 month:06 pages:1203-1224
format_phy_str_mv	Article
institution	findex.gbv.de
topic_facet	Cloud computing Event correlation Incident handling Cloud forensics
dewey-raw	004
isfreeaccess_bool	false
container_title	Computing
authorswithroles_txt_mv	Kumar Raju, B. K. S. P. @@aut@@ Geethakumari, G. @@aut@@
publishDateDaySort_date	2016-06-04T00:00:00Z
hierarchy_top_id	129534927
dewey-sort	14
id	OLC2061428762
language_de	englisch
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a22002652 4500</leader><controlfield tag="001">OLC2061428762</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230502133805.0</controlfield><controlfield tag="007">tu</controlfield><controlfield tag="008">200819s2016 xx \|\|\|\|\| 00\| \|\|eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1007/s00607-016-0500-2</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)OLC2061428762</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-He213)s00607-016-0500-2-p</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="082" ind1="0" ind2="4"><subfield code="a">004</subfield><subfield code="q">VZ</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">SA 4220</subfield><subfield code="q">VZ</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">SA 4220</subfield><subfield code="q">VZ</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Kumar Raju, B. K. S. P.</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Event correlation in cloud: a forensic perspective</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2016</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">ohne Hilfsmittel zu benutzen</subfield><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Band</subfield><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">© Springer-Verlag Wien 2016</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event correlation in cloud is relatively at its early stages. We categorize the cloud event correlation in to two stages. In the first stage, we consider the events from the perspective of single artifact and perform correlation (homogeneous correlation). In the second stage, we collect the events from multiple artifacts and then perform correlation (heterogeneous correlation). The proposed approach helps automate the detection of incidents from cloud evidences and also speedup the event interpretation process by the investigator.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Cloud computing</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Event correlation</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Incident handling</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Cloud forensics</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Geethakumari, G.</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">Enthalten in</subfield><subfield code="t">Computing</subfield><subfield code="d">Springer Vienna, 1966</subfield><subfield code="g">98(2016), 11 vom: 04. Juni, Seite 1203-1224</subfield><subfield code="w">(DE-627)129534927</subfield><subfield code="w">(DE-600)215907-7</subfield><subfield code="w">(DE-576)014963949</subfield><subfield code="x">0010-485X</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:98</subfield><subfield code="g">year:2016</subfield><subfield code="g">number:11</subfield><subfield code="g">day:04</subfield><subfield code="g">month:06</subfield><subfield code="g">pages:1203-1224</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">https://doi.org/10.1007/s00607-016-0500-2</subfield><subfield code="z">lizenzpflichtig</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_OLC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-TEC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-MAT</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OPC-MAT</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_24</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_65</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_2088</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4318</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4323</subfield></datafield><datafield tag="936" ind1="r" ind2="v"><subfield code="a">SA 4220</subfield></datafield><datafield tag="936" ind1="r" ind2="v"><subfield code="a">SA 4220</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">98</subfield><subfield code="j">2016</subfield><subfield code="e">11</subfield><subfield code="b">04</subfield><subfield code="c">06</subfield><subfield code="h">1203-1224</subfield></datafield></record></collection>
author	Kumar Raju, B. K. S. P.
spellingShingle	Kumar Raju, B. K. S. P. ddc 004 rvk SA 4220 misc Cloud computing misc Event correlation misc Incident handling misc Cloud forensics Event correlation in cloud: a forensic perspective
authorStr	Kumar Raju, B. K. S. P.
ppnlink_with_tag_str_mv	@@773@@(DE-627)129534927
format	Article
dewey-ones	004 - Data processing & computer science
delete_txt_mv	keep
author_role	aut aut
collection	OLC
remote_str	false
illustrated	Not Illustrated
issn	0010-485X
topic_title	004 VZ SA 4220 VZ rvk Event correlation in cloud: a forensic perspective Cloud computing Event correlation Incident handling Cloud forensics
topic	ddc 004 rvk SA 4220 misc Cloud computing misc Event correlation misc Incident handling misc Cloud forensics
topic_unstemmed	ddc 004 rvk SA 4220 misc Cloud computing misc Event correlation misc Incident handling misc Cloud forensics
topic_browse	ddc 004 rvk SA 4220 misc Cloud computing misc Event correlation misc Incident handling misc Cloud forensics
format_facet	Aufsätze Gedruckte Aufsätze
format_main_str_mv	Text Zeitschrift/Artikel
carriertype_str_mv	nc
hierarchy_parent_title	Computing
hierarchy_parent_id	129534927
dewey-tens	000 - Computer science, knowledge & systems
hierarchy_top_title	Computing
isfreeaccess_txt	false
familylinks_str_mv	(DE-627)129534927 (DE-600)215907-7 (DE-576)014963949
title	Event correlation in cloud: a forensic perspective
ctrlnum	(DE-627)OLC2061428762 (DE-He213)s00607-016-0500-2-p
title_full	Event correlation in cloud: a forensic perspective
author_sort	Kumar Raju, B. K. S. P.
journal	Computing
journalStr	Computing
lang_code	eng
isOA_bool	false
dewey-hundreds	000 - Computer science, information & general works
recordtype	marc
publishDateSort	2016
contenttype_str_mv	txt
container_start_page	1203
author_browse	Kumar Raju, B. K. S. P. Geethakumari, G.
container_volume	98
class	004 VZ SA 4220 VZ rvk
format_se	Aufsätze
author-letter	Kumar Raju, B. K. S. P.
doi_str_mv	10.1007/s00607-016-0500-2
dewey-full	004
title_sort	event correlation in cloud: a forensic perspective
title_auth	Event correlation in cloud: a forensic perspective
abstract	Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event correlation in cloud is relatively at its early stages. We categorize the cloud event correlation in to two stages. In the first stage, we consider the events from the perspective of single artifact and perform correlation (homogeneous correlation). In the second stage, we collect the events from multiple artifacts and then perform correlation (heterogeneous correlation). The proposed approach helps automate the detection of incidents from cloud evidences and also speedup the event interpretation process by the investigator. © Springer-Verlag Wien 2016
abstractGer	Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event correlation in cloud is relatively at its early stages. We categorize the cloud event correlation in to two stages. In the first stage, we consider the events from the perspective of single artifact and perform correlation (homogeneous correlation). In the second stage, we collect the events from multiple artifacts and then perform correlation (heterogeneous correlation). The proposed approach helps automate the detection of incidents from cloud evidences and also speedup the event interpretation process by the investigator. © Springer-Verlag Wien 2016
abstract_unstemmed	Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event correlation in cloud is relatively at its early stages. We categorize the cloud event correlation in to two stages. In the first stage, we consider the events from the perspective of single artifact and perform correlation (homogeneous correlation). In the second stage, we collect the events from multiple artifacts and then perform correlation (heterogeneous correlation). The proposed approach helps automate the detection of incidents from cloud evidences and also speedup the event interpretation process by the investigator. © Springer-Verlag Wien 2016
collection_details	GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT SSG-OPC-MAT GBV_ILN_24 GBV_ILN_65 GBV_ILN_70 GBV_ILN_2088 GBV_ILN_4318 GBV_ILN_4323
container_issue	11
title_short	Event correlation in cloud: a forensic perspective
url	https://doi.org/10.1007/s00607-016-0500-2
remote_bool	false
author2	Geethakumari, G.
author2Str	Geethakumari, G.
ppnlink	129534927
mediatype_str_mv	n
isOA_txt	false
hochschulschrift_bool	false
doi_str	10.1007/s00607-016-0500-2
up_date	2024-07-04T03:34:30.922Z
_version_	1803617903248932864
fullrecord_marcxml	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a22002652 4500</leader><controlfield tag="001">OLC2061428762</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230502133805.0</controlfield><controlfield tag="007">tu</controlfield><controlfield tag="008">200819s2016 xx \|\|\|\|\| 00\| \|\|eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1007/s00607-016-0500-2</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)OLC2061428762</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-He213)s00607-016-0500-2-p</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="082" ind1="0" ind2="4"><subfield code="a">004</subfield><subfield code="q">VZ</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">SA 4220</subfield><subfield code="q">VZ</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="084" ind1=" " ind2=" "><subfield code="a">SA 4220</subfield><subfield code="q">VZ</subfield><subfield code="2">rvk</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Kumar Raju, B. K. S. P.</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Event correlation in cloud: a forensic perspective</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2016</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">ohne Hilfsmittel zu benutzen</subfield><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Band</subfield><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">© Springer-Verlag Wien 2016</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Abstract Forensic investigation in cloud computing systems faces various legal, technical and organizational challenges. In this work, we focus on the technical issues of cloud forensics, specifically event correlation—a technique used to expose the relation between two or more cloud events. Event correlation in cloud is relatively at its early stages. We categorize the cloud event correlation in to two stages. In the first stage, we consider the events from the perspective of single artifact and perform correlation (homogeneous correlation). In the second stage, we collect the events from multiple artifacts and then perform correlation (heterogeneous correlation). The proposed approach helps automate the detection of incidents from cloud evidences and also speedup the event interpretation process by the investigator.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Cloud computing</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Event correlation</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Incident handling</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Cloud forensics</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Geethakumari, G.</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">Enthalten in</subfield><subfield code="t">Computing</subfield><subfield code="d">Springer Vienna, 1966</subfield><subfield code="g">98(2016), 11 vom: 04. Juni, Seite 1203-1224</subfield><subfield code="w">(DE-627)129534927</subfield><subfield code="w">(DE-600)215907-7</subfield><subfield code="w">(DE-576)014963949</subfield><subfield code="x">0010-485X</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:98</subfield><subfield code="g">year:2016</subfield><subfield code="g">number:11</subfield><subfield code="g">day:04</subfield><subfield code="g">month:06</subfield><subfield code="g">pages:1203-1224</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">https://doi.org/10.1007/s00607-016-0500-2</subfield><subfield code="z">lizenzpflichtig</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_OLC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-TEC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-MAT</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OPC-MAT</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_24</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_65</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_2088</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4318</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_4323</subfield></datafield><datafield tag="936" ind1="r" ind2="v"><subfield code="a">SA 4220</subfield></datafield><datafield tag="936" ind1="r" ind2="v"><subfield code="a">SA 4220</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">98</subfield><subfield code="j">2016</subfield><subfield code="e">11</subfield><subfield code="b">04</subfield><subfield code="c">06</subfield><subfield code="h">1203-1224</subfield></datafield></record></collection>
score	7.3972797

Nicht das Richtige dabei?

Schreiben Sie uns!

Event correlation in cloud: a forensic perspective

Nicht das Richtige dabei?

Zugang & Verfügbarkeit

Vorhandene Bände

Nicht das Richtige dabei?