Cloud Forensics Research

Please spare some minutes to fill out the survey on cloud forensics and critical criteria for cloud forensic capability and pass it on to your peers! Many thanks in advance.

CALL FOR CHAPTER

Cybercrime and Cloud Forensics: Applications for Investigation Processes

A book edited by Keyun Ruan

Centre for Cybercrime Investigation, University College Dublin, Ireland

To be published by IGI Global

www.igi-global.com

Introduction

Cloud computing has the potential to become one of the most transformative developments in how information technology services are created, delivered, and accessed. However, cloud computing represents both opportunity and crisis for cybercrime investigation and digital forensics. With the rise of cyber attacks and various crimes in the highly complex multi-jurisdictional and multi-tenant cloud environments, there is an urgent need to extend the applications of investigation processes into the Cloud.

Objective of the Book

This book will introduce the new area of cloud forensics and collect research and case studies on current, state-of-the-art applications for investigation processes in cloud computing environments. Chapters may address cloud forensics applications from the perspectives of cloud providers, cloud customers, security architects, law enforcement agencies, research institutes, etc. This book will serve as a reference for cloud communities, digital forensics practitioners, researchers who wish to understand current issues, advancing research, and technical innovations in the field of cloud forensics.

Target Audience

Cloud technologists at all levels; Cloud incident response teams; Cloud system and security administrators and architects; Cloud security managers; Cloud computing researchers; Digital forensics practitioners; Digital forensics researchers; Law enforcement; Ethical hackers.

Recommended topics include, but are NOT limited to the following:

Cloud customers (enterprise, government, etc.)

-       Cloud adoption

-       Usage scenarios

-       Forensic demand/usage

-       Forensic capability

-       Sample crime/policy violation cases

-       Sample investigation cases/scenarios/processes

Cloud providers

-       The evolution of cloud computing

-       Future of cloud computing

-       Cloud services

-       Forensic demand/usage

-       Forensic capability

-       Sample crime/policy violation cases

-       Sample investigation cases/scenarios/processes

Law Enforcement

-       Digital forensics and law

-       Current state of art of cyber law

-       International collaboration in battling cyber crime

-       Cloud computing and law

-       Multi-jurisdiction issues

-       Multi-tenancy issues

-       Service level agreement and cloud forensics

-       Digital evidence and cloud evidence and evidence admission

-       Cyber policing

-       Sample crime cases

-       Sample investigation cases/scenarios/processes

Digital Forensics Practice and Research

-       History and development of digital forensics

-       The rise of cybercrime

-       Cloud computing a new battlefield

-       Sample crime cases

-       Digital forensic process

-       Applications of digital forensic process in cloud computing

-       Challenges when applying current digital forensic best practices to cloud computing

-       Future of cloud forensics

-       Sample investigation cases/scenarios/processes

Security Architecture and Forensic Awareness

-       Public cloud

-       Private cloud

-       Hybrid cloud

-       Infrastructure as a Service

-       Platform as a Service

-       Software as a Service

-       Forensics as a Service

-       Ethical hacking

Editorial Advisory Board

• Dr. Ibrahim Baggili, Zayed University
• Dr. John S. Bay, Vice President and Chief Scientist, Assured Information Security Inc.
• Dr. Fred Cohen, CEO, Fred Cohen & Associates
• Dr. Malcolm Shore, University of Canterbury
• Mr. Jagdish Singh, Head of Research Coordination, Center for Security Assurance and Research, International Multilateral Partnership Against Cyber Threats (IMPACT)
• Prof. Gene Spafford, Purdue University

Review

All submitted chapters will be reviewed on a double-blind review basis. Contributors may also be requested to serve as reviewers for this project.

Publisher

This book is scheduled to be published by IGI Global (formerly Idea Group Inc.), publisher of the “Information Science Reference” (formerly Idea Group Reference), “Medical Information Science Reference”, “Business Science Reference”, and “Engineering Science Reference” imprints. For additional information regarding the publisher, please visit www.igi-global.com. This book is scheduled for publication in 2012.

Inquiries and submissions can be forwarded electronically (word document) or by mail to:

School of Computer Science and Informatics

University College Dublin, Belfield

Dublin 4, Dublin, Ireland

Tel: +353 1 716 2405 or +61 2 8006 2864

Mobile: +353 (0) 87 6121726

Email: keyun.ruan@ucd.ie

Web: RuanKeyun.com

Just came back from a full day conference of Cloud Computing Summit 2010 and was very happy meeting old and new colleagues from the industry.

Dr. Werner Vogels, VP and CTO of Amazon gave the morning keynote. Amazon is still leading the cloud market and technical innovations worldwide thus I was really excited to see Dr. Werner Vogels in person.  Dr. Giles Hogben, Programme Manager & Network Security Policy Expert, ENISA (European Network and Information Security Agency) gave the afternoon keynote on security risks and benefits. ENISA has issued one of the best whitepapers on cloud security risk analysis. Another very well written security white paper is from CSA (Cloud Security Alliance). The afternoon panel discussion on security was of great interest to me, especially when the panelists mentioned the forensic perspective, which echos many of my own thoughts.

Today’s conference was more about leveraging cloud computing rather than cloud adoption. Cloud computing is steadily becoming mainstream. I have been trying not to be too isolated in the research world, and attending business conferences as such is a good way for me to keep updated about what is going on in the current market.  Yet as a researcher, it is also vital to stay ahead with a vision of long-term architecture and developments. From today’s discussions and conversations we all agreed that there is much to do in the field of cloud forensics, yet first thing first is to break down this complex issue to a manageable scale. As Dr. Werner said, we are still on Day 1 of cloud computing technology, and I believe this is a unique time for the industry to prepare itself with a good foundation of security infrastructure with a joint effort in order to ensure sustainable growth.

Keyun

I was very luckily given the opportunity to speak at CloudEXPO2010 Europe held in Hilton Prague.  Being the youngest and the only female speaker, I was nervous before the speech, but all went quite well at the end, thanks to the encouragement from the people around. My session even attracted the biggest audience among all four tracks at the end of the second day of the event.

I spoke about Cloud Forensics: Challenges and Opportunities. My presentation can be downloaded here or here.

As a young researcher, I gained a lot of good insight and helpful advice from the people I met in Prague, who are closer to the industry. At the very end of the event, I went to Jeremy, the chair of CloudEXPO and asked him if I could go and speak at CloudEXPO Silicon Valley this Nov, and to my surprise, he immediately said yes! and even joked “all girls can come!”. I believe this is going to be truly an unusual opportunity for me, to speak at the largest cloud conference in the world in the heart of the technology.

News about my session at CloudEXPO Silicon Valley is on the Cloud Computing Journal. Looking forward to it!

I also attended pre-conference event at the Old Town Square on a lovely evening, although I was totally exhausted by previous travelling. Also saw people queuing for two whole roasted pigs in Prague at the event reception and that was a lot for me who did not eat any red meat for two years! :) After my talk, I had wine at the restaurant by the river where I use to go three years ago and it was just beautiful.

Keyun

Again kindly invited to and attended on behalf of my supervisor, the Microsoft Azure roundtable discussion on cloud computing in the headquarters of Microsoft Ireland. It was a session hosted by Microsoft to get feedback from its cloud customers, partners and academia. It was  a very open and casual discussion, coordinated by the development team lead, Clare Dillion. There was a very informative presentation from the leader of the cloud security team. I was also inspired by professor who is doing music synchronization and on-line orchestra.

Keyun

I met people from EuroCloud for the first time at a cloud event in my school, at that time, they were still planning for the organization, but quickly enough, EuroCloud Ireland Launch became the first corporate event at the brand new Aviva Stadium in Dublin.

The event was short but more than three hundred attendants joined. Being the biggest sponsor of EuroCloud Ireland, Microsoft was represented by the its Managing Director, Paul Rellis, who gave a passionate talk on the strategic advantage for Ireland as to EU in the Cloud industry. It was the second time I saw him, after at the wonderful talk from the Chairman of Microsoft Europe, Jan Muehlfeit, at IIEA, on Cloud Computing and EU2020.

http://www.eurocloud.ie/blog/bid/22028/Launch-of-EuroCloud-Ireland-Promoting-Cloud-Computing

Keyun

I could only attend one day of SecureCloud2010 because I had to fly to Cologne for another youth conference World Business Dialogue. The five star hotel in the center of Barcelona was so full of geeks from all over the world. I was quite stunned by the crowd. I was lucky enough to sat next to founder of CloudSecurity.org, Craig Balding, after his talk. Also had very interesting chat with representatives from NIST and IEEE on standards and international collaboration on battling cyber crimes.

I love Barcelona a lot for its spacious, creative and colorful characters.  Unfortunately I had to fly in and fly out on the same day and did not have time to enjoy one of my favorite cities in the world!

http://www.enisa.europa.eu/events/ee/sc2010

http://www.cloudsecurityalliance.org/sc2010.html

http://virtualization.sys-con.com/node/1290824

Keyun