Publications-Theses

Article View/Open

Publication Export

Google ScholarTM

NCCU Library

Citation Infomation

Related Publications in TAIR

題名 雲端鑑識之身分鑑別與證據調查之研究
A study on identity-authentication and evidence-investigation for cloud forensics
作者 黃翔偉
Huang, Hsiang Wei
貢獻者 左瑞麟
Tso, Raylin
黃翔偉
Huang, Hsiang Wei
關鍵詞 雲端儲存服務
雲端鑑識
雲端使用者認證
Cloud storage service
Cloud forensics
Cloud user authentication
日期 2017
上傳時間 28-Aug-2017 12:05:47 (UTC+8)
摘要 近年來雲端服務、大數據、物聯網等技術相繼崛起發展,使得人們生活越加便利。雲端服務不僅為行動用戶帶來遠端存取資料的契機,也造成犯罪者能將犯罪資訊儲存於雲端,以便遠端存取犯罪事證,並降低自身攜有犯罪資料的風險。面對這樣的犯罪趨勢,本研究將提出一套以鑑識調查為目的的雲端鑑識機制,透過這樣的機制可保留關鍵證據,同時要能抵禦惡意外在攻擊,避免從雲端服務所萃取出來的證據遭受質疑。另外我們將針對iOS裝置上的雲端服務進行鑑識研究,透過網路分析、檔案分析及動態分析等3種分析方法,澈底瞭解在iOS裝置上所能發現的數位證據。
Recently, the technology development of cloud service, big data, and IoT has improved our life more and more convenience than before. Cloud service not only makes users to access data remotely, but also makes criminals to save the data of criminal in cloud, they can access the criminal evidence remotely, and reduce the risk of keeping the criminal data by themselves. This paper proposes a scheme of cloud forensics investigation, which could defend the cloud system from the outside offender, and forensically the evidence collect from the cloud service. The cloud storage forensics on iOS devices is further analyzed from the following three analysis methods, network packet analysis, file analysis, and APP runtime analysis. It will thoroughly help us explore digital evidence we.
參考文獻 A. Banks and C.S. Edge, “Learning iOS Security,” 1st ed., Packt Publishing Ltd., 2015.
S. Bommisetty, R. Tamma, and H. Mahalik, “Practical Mobile Forensics,” 1st ed., Packt Publishing Ltd., 2014.
L. Chen and Q. Zhang, “Forensic Analysis to China’s Cloud Storage Services,” International Journal of Machine Learning and Computing, vol. 5, no. 6, pp. 467-470, 2015.
H. Chung, J. Park, S. Lee, and C. Kang, “Digital forensic investigation of cloud storage services,” Digital Investigation, vol. 9, no. 2, pp. 81-95, 2012.
M. Epifani and P. Stirparo, “Learning iOS Forensics,” 1st ed., Packt Publishing Ltd., 2015.
J. Farina, M. Scanlon, N.A. Le-Khac, and M.T. Kechadi, “Overview of the Forensic Investigation of Cloud Service,” IEEE 10th International Conference on Availability, Reliability and Security, pp. 556-565, 2015.
G. Horsman and L.R. Conniss, “Investigating evidence of mobile phone usage by drivers in road traffic accidents,” Digital Investigation, vol. 12, no. 1, pp. S30-S37, 2015.
H. Jeong and E. Choi, “User Authentication using Profiling in Mobile Cloud Computing,” AASRI Procedia, vol. 2, no. 1, pp. 262-267, 2012.
S.L. Garfinkel, “Digital forensics research: The next 10 years,” Digital Investigation, vol. 7, no. 1, pp. S64-S73, 2010.
M. Goodman, “FUTURE CRIMES,” 1st ed, Randon House Audio, 2015.
V.M. Katilu, V.N.L. Franqueira, and O. Angelopoulou, “Challenges of Data Provenance for Cloud Forensic Investigations,” 2015 10th International Conference on Availability, Reliability and Security, pp. 312-317, 2015.
D.Y. Kao, “Cybercrime Investigation Countermeasure Using Created-Accessed-Modified Model in Cloud Computing Environments,” Journal of Supercomputing, vol. 72, no. 1, pp. 141-160, 2016.
W. Lee and H. Kim, “Heterogeneous cloud storage system for privacy,” 2014 Sixth International Conference on Ubiquitous and Future Networks (ICUFN), pp. 193-198, 2014.
B. Martini and K.K.R. Choo, “An integrated conceptual digital forensic framework for cloud computing,” Digital Investigation, vol. 9, no. 2, pp. 71-80, 2012.
B. Martini and K.K.R. Choo, “Cloud storage forensics: ownCloud as a case study,” Digital Investigation, vol. 10, no. 4, pp. 287-299, 2013.
B. Martini and K.K.R. Choo, “Cloud Forensic Technical Challenges and Solutions:A Snapshot,” IEEE Cloud Computing , vol. 1, no. 4, pp. 20-25, 2014.
G. Meyer and A. Stander, “Cloud Computing:The Digital Forensics Challenge,” Proceedings of Informing Science & IT Education Conference(InSITE), pp. 285-299, 2015.
P.N. Ninawe and S.B. Ardhapurkar, “Design and implementation of cloud based mobile forensic tool,” 2015 International Conference on Innovations in Information, Embedded and Communication Systems (ICIIECS), pp. 1-4, 2015.
K. Oestreicher, “A forensically robust method for acquisition of iCloud data,” Digital Investigation, vol. 11, no. 2, pp. S106-S113, 2014.
D. Quick and K.K.R. Choo, “Digital droplets: Microsoft SkyDrive forensic data remnants,” Future Generation Computer Systems, vol. 29, no. 6, pp. 1378-1394, 2013.
D. Quick and K.K.R. Choo, “Dropbox analysis: Data remnants on user machines,” Digital Investigation, vol. 10, no. 1, pp. 3-18, 2013.
D. Quick and K.K.R. Choo, “Forensic collection of storage data: Does the act of collection result in changes to the data or its metadata? ,” Digital Investigation, vol. 10, no. 3, pp. 266-277, 2013.
D. Quick and K.K.R. Choo, “Google Drive: Forensic analysis of data remnants,” Journal of Network and Computer Applications, vol. 40, no. 1, pp. 179-193, 2014.
V. Roussev and S. McCulley, “Forensic analysis of cloud-native artifacts,” Digital Investigation, vol. 16, no. 1, pp. S104-S113, 2016.
N. Samet, A.B. Letaifa, M. Hamdi, and S. Tabbane, “Forensic Investigation in Mobile Cloud Environment,” The 2014 International Symposium on Networks, Computers and Communications, pp. 1-5, 2014.
J. Sammons, “DIGITAL FORENSICS,” 1st ed., Elsevier Inc., 2015.
SANS Institute InfoSec Reading Room, “iPwn Apps:Pentesting iOS Applications”, 2014.
K. Selvamani and P.K. Arya, “Credential Based Authentication Approach for Dynamic Group in Cloud Environment,” Procedia Computer Science, vol. 48, no. 1, pp. 166-172, 2015.
D.H. Sharma, C.A. Dhote, and M.M. Potey, “Identity and Access Management as Security-as-a-Service from Clouds,” Procedia Computer Science, vol. 79, no. 1, pp. 170-174, 2016.
O. Tabona and A. Blyth, “A forensic cloud environment to address the big data challenge in digital forensics,” 2016 SAI Computing Conference (SAI), pp. 579-584, 2016.
D. Walnycky, I. Baggili, A. Marrington, J. Moore, and F. Breitinger, “Network and device forensic analysis of Android social-messaging applications,” Digital Investigation, vol. 14, no. 1, pp. S77-S84, 2015.
S. Zawoad, A.K. Dutta, and R. Hasan, “SecLaaS:Secure Logging-as-a-Service for Cloud Forensics,” 8th ACM symposium on information, computer and communications security(ASIACCS), pp. 219-230, 2013.
S. Zawoad, R. Hasan, and J. Grimes, “LINCS: Towards building a trustworthy litigation hold enabled cloud storage system,” Digital Investigation, vol. 14, no. 1, pp. S55-S67, 2015.
描述 碩士
國立政治大學
資訊科學系碩士在職專班
104971021
資料來源 http://thesis.lib.nccu.edu.tw/record/#G0104971021
資料類型 thesis
dc.contributor.advisor 左瑞麟zh_TW
dc.contributor.advisor Tso, Raylinen_US
dc.contributor.author (Authors) 黃翔偉zh_TW
dc.contributor.author (Authors) Huang, Hsiang Weien_US
dc.creator (作者) 黃翔偉zh_TW
dc.creator (作者) Huang, Hsiang Weien_US
dc.date (日期) 2017en_US
dc.date.accessioned 28-Aug-2017 12:05:47 (UTC+8)-
dc.date.available 28-Aug-2017 12:05:47 (UTC+8)-
dc.date.issued (上傳時間) 28-Aug-2017 12:05:47 (UTC+8)-
dc.identifier (Other Identifiers) G0104971021en_US
dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/112267-
dc.description (描述) 碩士zh_TW
dc.description (描述) 國立政治大學zh_TW
dc.description (描述) 資訊科學系碩士在職專班zh_TW
dc.description (描述) 104971021zh_TW
dc.description.abstract (摘要) 近年來雲端服務、大數據、物聯網等技術相繼崛起發展,使得人們生活越加便利。雲端服務不僅為行動用戶帶來遠端存取資料的契機,也造成犯罪者能將犯罪資訊儲存於雲端,以便遠端存取犯罪事證,並降低自身攜有犯罪資料的風險。面對這樣的犯罪趨勢,本研究將提出一套以鑑識調查為目的的雲端鑑識機制,透過這樣的機制可保留關鍵證據,同時要能抵禦惡意外在攻擊,避免從雲端服務所萃取出來的證據遭受質疑。另外我們將針對iOS裝置上的雲端服務進行鑑識研究,透過網路分析、檔案分析及動態分析等3種分析方法,澈底瞭解在iOS裝置上所能發現的數位證據。zh_TW
dc.description.abstract (摘要) Recently, the technology development of cloud service, big data, and IoT has improved our life more and more convenience than before. Cloud service not only makes users to access data remotely, but also makes criminals to save the data of criminal in cloud, they can access the criminal evidence remotely, and reduce the risk of keeping the criminal data by themselves. This paper proposes a scheme of cloud forensics investigation, which could defend the cloud system from the outside offender, and forensically the evidence collect from the cloud service. The cloud storage forensics on iOS devices is further analyzed from the following three analysis methods, network packet analysis, file analysis, and APP runtime analysis. It will thoroughly help us explore digital evidence we.en_US
dc.description.tableofcontents 第1章 緒論 1
1.1 研究動機 1
1.2 研究背景 1
1.3 研究限制 2
第2章 文獻探討 4
2.1 雲端鑑識 4
2.2 現行雲端鑑識研究 6
第3章 雲端鑑識機制研究 10
3.1 雲端使用者認證系統 11
3.1.1 合法使用者驗證程序 11
3.1.2 匿名使用者驗證程序 13
3.2 日誌中心系統 15
3.2.1 使用者稽核資料庫 15
3.2.2 檔案稽核資料庫 16
3.2.3 雲端鑑識中心 17
3.3 風險模型 18
3.4 安全性議題 20
3.5 雲端鑑識機制驗證結果 23
第4章 雲端APP鑑識分析研究 29
4.1 網路封包分析 30
4.2 檔案分析 43
4.3 APP執行分析 62
4.4 雲端APP鑑識分析結果 78
第5章 結論 86
參考文獻 87
zh_TW
dc.format.extent 10104910 bytes-
dc.format.mimetype application/pdf-
dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0104971021en_US
dc.subject (關鍵詞) 雲端儲存服務zh_TW
dc.subject (關鍵詞) 雲端鑑識zh_TW
dc.subject (關鍵詞) 雲端使用者認證zh_TW
dc.subject (關鍵詞) Cloud storage serviceen_US
dc.subject (關鍵詞) Cloud forensicsen_US
dc.subject (關鍵詞) Cloud user authenticationen_US
dc.title (題名) 雲端鑑識之身分鑑別與證據調查之研究zh_TW
dc.title (題名) A study on identity-authentication and evidence-investigation for cloud forensicsen_US
dc.type (資料類型) thesisen_US
dc.relation.reference (參考文獻) A. Banks and C.S. Edge, “Learning iOS Security,” 1st ed., Packt Publishing Ltd., 2015.
S. Bommisetty, R. Tamma, and H. Mahalik, “Practical Mobile Forensics,” 1st ed., Packt Publishing Ltd., 2014.
L. Chen and Q. Zhang, “Forensic Analysis to China’s Cloud Storage Services,” International Journal of Machine Learning and Computing, vol. 5, no. 6, pp. 467-470, 2015.
H. Chung, J. Park, S. Lee, and C. Kang, “Digital forensic investigation of cloud storage services,” Digital Investigation, vol. 9, no. 2, pp. 81-95, 2012.
M. Epifani and P. Stirparo, “Learning iOS Forensics,” 1st ed., Packt Publishing Ltd., 2015.
J. Farina, M. Scanlon, N.A. Le-Khac, and M.T. Kechadi, “Overview of the Forensic Investigation of Cloud Service,” IEEE 10th International Conference on Availability, Reliability and Security, pp. 556-565, 2015.
G. Horsman and L.R. Conniss, “Investigating evidence of mobile phone usage by drivers in road traffic accidents,” Digital Investigation, vol. 12, no. 1, pp. S30-S37, 2015.
H. Jeong and E. Choi, “User Authentication using Profiling in Mobile Cloud Computing,” AASRI Procedia, vol. 2, no. 1, pp. 262-267, 2012.
S.L. Garfinkel, “Digital forensics research: The next 10 years,” Digital Investigation, vol. 7, no. 1, pp. S64-S73, 2010.
M. Goodman, “FUTURE CRIMES,” 1st ed, Randon House Audio, 2015.
V.M. Katilu, V.N.L. Franqueira, and O. Angelopoulou, “Challenges of Data Provenance for Cloud Forensic Investigations,” 2015 10th International Conference on Availability, Reliability and Security, pp. 312-317, 2015.
D.Y. Kao, “Cybercrime Investigation Countermeasure Using Created-Accessed-Modified Model in Cloud Computing Environments,” Journal of Supercomputing, vol. 72, no. 1, pp. 141-160, 2016.
W. Lee and H. Kim, “Heterogeneous cloud storage system for privacy,” 2014 Sixth International Conference on Ubiquitous and Future Networks (ICUFN), pp. 193-198, 2014.
B. Martini and K.K.R. Choo, “An integrated conceptual digital forensic framework for cloud computing,” Digital Investigation, vol. 9, no. 2, pp. 71-80, 2012.
B. Martini and K.K.R. Choo, “Cloud storage forensics: ownCloud as a case study,” Digital Investigation, vol. 10, no. 4, pp. 287-299, 2013.
B. Martini and K.K.R. Choo, “Cloud Forensic Technical Challenges and Solutions:A Snapshot,” IEEE Cloud Computing , vol. 1, no. 4, pp. 20-25, 2014.
G. Meyer and A. Stander, “Cloud Computing:The Digital Forensics Challenge,” Proceedings of Informing Science & IT Education Conference(InSITE), pp. 285-299, 2015.
P.N. Ninawe and S.B. Ardhapurkar, “Design and implementation of cloud based mobile forensic tool,” 2015 International Conference on Innovations in Information, Embedded and Communication Systems (ICIIECS), pp. 1-4, 2015.
K. Oestreicher, “A forensically robust method for acquisition of iCloud data,” Digital Investigation, vol. 11, no. 2, pp. S106-S113, 2014.
D. Quick and K.K.R. Choo, “Digital droplets: Microsoft SkyDrive forensic data remnants,” Future Generation Computer Systems, vol. 29, no. 6, pp. 1378-1394, 2013.
D. Quick and K.K.R. Choo, “Dropbox analysis: Data remnants on user machines,” Digital Investigation, vol. 10, no. 1, pp. 3-18, 2013.
D. Quick and K.K.R. Choo, “Forensic collection of storage data: Does the act of collection result in changes to the data or its metadata? ,” Digital Investigation, vol. 10, no. 3, pp. 266-277, 2013.
D. Quick and K.K.R. Choo, “Google Drive: Forensic analysis of data remnants,” Journal of Network and Computer Applications, vol. 40, no. 1, pp. 179-193, 2014.
V. Roussev and S. McCulley, “Forensic analysis of cloud-native artifacts,” Digital Investigation, vol. 16, no. 1, pp. S104-S113, 2016.
N. Samet, A.B. Letaifa, M. Hamdi, and S. Tabbane, “Forensic Investigation in Mobile Cloud Environment,” The 2014 International Symposium on Networks, Computers and Communications, pp. 1-5, 2014.
J. Sammons, “DIGITAL FORENSICS,” 1st ed., Elsevier Inc., 2015.
SANS Institute InfoSec Reading Room, “iPwn Apps:Pentesting iOS Applications”, 2014.
K. Selvamani and P.K. Arya, “Credential Based Authentication Approach for Dynamic Group in Cloud Environment,” Procedia Computer Science, vol. 48, no. 1, pp. 166-172, 2015.
D.H. Sharma, C.A. Dhote, and M.M. Potey, “Identity and Access Management as Security-as-a-Service from Clouds,” Procedia Computer Science, vol. 79, no. 1, pp. 170-174, 2016.
O. Tabona and A. Blyth, “A forensic cloud environment to address the big data challenge in digital forensics,” 2016 SAI Computing Conference (SAI), pp. 579-584, 2016.
D. Walnycky, I. Baggili, A. Marrington, J. Moore, and F. Breitinger, “Network and device forensic analysis of Android social-messaging applications,” Digital Investigation, vol. 14, no. 1, pp. S77-S84, 2015.
S. Zawoad, A.K. Dutta, and R. Hasan, “SecLaaS:Secure Logging-as-a-Service for Cloud Forensics,” 8th ACM symposium on information, computer and communications security(ASIACCS), pp. 219-230, 2013.
S. Zawoad, R. Hasan, and J. Grimes, “LINCS: Towards building a trustworthy litigation hold enabled cloud storage system,” Digital Investigation, vol. 14, no. 1, pp. S55-S67, 2015.
zh_TW