Title: A trigger-based introspection approach for cloud incident handling

Authors: B.K.S.P. Kumar Raju; G. Geethakumari

Addresses: Department of Computer Science and Information Systems, BITS Pilani Hyderabad Campus, Thumukunta, Hyderabad-500078, India; Department of Computer Science and Information Systems, BITS Pilani Hyderabad Campus, Thumukunta, Hyderabad-500078, India

Abstract: Cloud computing is emerging as one of the most sought-after high-performance computing environments. Many organisations still hesitate to migrate to the cloud due to security issues and lack of transparency. Trust in the cloud environment can be enhanced either by improving the existing security mechanisms or by effective digital investigation and incident handling. In this paper, we focus on the latter. Introspection helps us monitor the state of a cloud virtual machine from outside it. This reduces the possibility of contaminating the digital evidence. In this paper, we present a model for performing effective introspection of virtual machines. We use complex event processing (CEP) to identify the root cause of the incident. Our approach would aid in relevant evidence collection from virtual memory and increase the semantic interpretation of introspected data.

Keywords: cloud computing; incident handling; trigger-based introspection; digital forensics; virtual memory; cloud incidents; cloud security; trust; virtual machines; complex event processing; CEP.

DOI: 10.1504/IJBDI.2016.078398

International Journal of Big Data Intelligence, 2016 Vol.3 No.3, pp.163 - 175

Received: 24 Apr 2015
Accepted: 11 Jul 2015

Published online: 10 Aug 2016
