Title: Forensic cloud environment: a solution for big data forensics

Authors: Oteng Tabona; Andrew Blyth; Thabiso M. Maupong; Thabo Semong

Addresses: Department of Computer Science and Information Systems, Botswana International University of Science and Technology, Palapye, Botswana ' Merimetso Ltd, Droitwich, Worcestershire, UK ' Department of Computer Science and Information Systems, Botswana International University of Science and Technology, Palapye, Botswana ' Department of Computer Science and Information Systems, Botswana International University of Science and Technology, Palapye, Botswana

Abstract: Big data forensics is a new and interesting research field because of the enormous amount of data and a variety of digital sources that are available today. Many of the proposed techniques in the literature use a workstation environment to carry out digital forensics investigations involving big data. The challenge of these techniques includes lack of evidence correlation, intelligence and knowledge sharing, and security lapses. In this paper, we propose a method to carry out digital forensic involving big data in the cloud. The key ingredient of our solution is a novel cloud environment called forensic cloud environment (FCE). We outline the key components of FCE, for each component and we discuss the role it plays in FCE's ability to handle big data. Finally, we evaluate the efficacy of FCE against forensic toolkit (FTK). The performance evaluation indicates that the FCE performs much better than FTK when dealing with big data forensic.

Keywords: digital forensic; big data forensics; forensic cloud environment; FCE; forensic toolkit; FTK.

DOI: 10.1504/IJESDF.2022.125401

International Journal of Electronic Security and Digital Forensics, 2022 Vol.14 No.5, pp.513 - 533

Received: 11 Dec 2020
Accepted: 13 Oct 2021
Published online: 08 Sep 2022 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article