Cloud computing has revolutionized the way computing is performed and is expected to be the commonly adopted by all sectors of the industry. Further cloud’s increasing popularity, internet based access and proliferation of low-cost handheld devices is catalyzing cloud-based crimes. The cloud’s virtualized, shared and distributed environment complicates’ prevention and investigation of cloud-based crimes.  “Cloud Forensics” is the term used for conducting forensic investigation in cloud environment. This paper discusses the problems of forensic investigation in cloud, currently available tools for forensic investigation in cloud in brief and forensic-capability that a cloud service provider can have to support forensic investigation. The aim is to help researchers, developers and enterprises to work towards building a secure cloud environment.

Gartner, ”Forecast: IT Services, Worldwide, 2012-2018, 2Q14Update”, http://www.gartner.com/doc/2767618, [Accessed on July 11th, 2014].

I-CIO, “Crime as service”, http://www/i-cio.com/features/june-2010/crime-as-a-service, 2010 [Accessed on April 15th 2013].

Forbinet, “2012 threat predictions”, http://blog.forbinet.com/2012-threat-predictions/, 2012 [Accessed on April 15th 2013].

K. Kent, S. Chevalier, T. Grance, and H. Dang, “Guide to integrating forensic techniques into incident response”, NIST Special Publication, pp. 800-86, 2006.

T. Lillard, C. Garrision, C. Schiller, J. Steele, and Murray, Digital Forensics for Network, Internet, and Cloud Computing: A Forensic Evidence Guide for Moving Targets and Data. Elsevier, 2010.

T. Ristenpart. E. Tromer. H. Scacham. And S. Savage, “Hey, you, get off my cloud: exploring information leakage in third-party compute clouds”, in proceedings of the 16th ACM conference on computer and communications security. ACM, 2009, pp. 199-212.

J. Vacca, Computer forensics: computer crime scene investigation. Delmar Thomson Learning, 2005, vol. 1.

D. Brick, “Technical challenges of forensic investigations in cloud computing environments”, in workshop on cryptography and security in clouds, January 2011.

H. Guo, B. Jin, and T. Shang, “Forensic investigations in cloud environments”, in Computer Science and Information Processing (CSIP), 2012 International Conference on IEEE, 2012, pp. 248-251.

S. Wolthusen, “Overcast: Forensic discovery in cloud environments”, in proceedings of the Fifth International Conference on IT Security Incident Management and IT Forenscis(IMF). IEEE, 2009, pp. 3-9.

D. Reilly, C. wren, and T. Berry, “Cloud computing: Pros and cons for computer forensic investigations, “ International Journal Multimedia and Image Processing(IJMIP), March 2011, vol. 1, no. 1, pp. 26-34.

M. Taylor, J. Haggerty, D. Gresty, and R. Hegarty, “Digital evidence in cloud computing systems,”Computer Law and Security Review, 2010, vol. 26, no. 3, pp. 304-308.

J. Dykstra and A Sherman, “Understanding issues in cloud forensics: Two hypothetical case studies, “Journal of Network Forensics, 2011, vol. b, no 3, pp. 19-31.

M. K. Waldo Delport, Martin S. Oliver, “Isolating a cloud instance for a digital forensic investigation”, in proceedings of the information and Computer Security Architecture (ICSA). 2011.

Shams Zawoad, Ragib Hasan, “Cloud Forensics: A meta-study of challenges, Approaches and open problems”, arXiv preprint arXiv:1302.63.12, 2013.

K. Raun. J. Carthy, T. Kechadi, and M. Crosbie, “Cloud Forensics: An overview”, in proceedings of 7th international Conference on Digital Forensics, IFIP 2011.

Zafarullah, F. Anwar, and Z. Anwar, “Digital forensics for eucalyptus”, in Frontiers of information Technology(FIT), IEEE, 2011, pp. 110-116.

S. Biggs and S. Vidalia, “Cloud computing: The impact on digital forensic investigations”, in proceedings of the International Conference for internet Technology and Secured Transactions. ICITST. IEEE, 2009, pp. 1-6.

Shams Zawoad, Amit kumar Dutta “SecLaaS: Secure Logging-as-a-service for cloud forensics”, in proceedings of 8th ACM SIGSAC Symposium on information, computer and communication security, 2013, pp. 219-230.

Keyun Ruan, Joshua James, Joe Carthy and Tahar Kechadi, “Key Terms for Service level agreements to support cloud forensics”, in proceeding of 8th Annual IFIP WG 11.9 International Conference on Digital Forensics, 2012, pp 201-212.

Mattia Epifani,”Cloud Storage Forensics”, SANS European Digital Forensics Summit, 2013, https://digital-forensics.sans.org/summit-archives/Prague_Summit/Cloud_storage_Forensics_Mattia_Eppifani.pdf

Design and implementation of FROST: digital forensic tools for the openstack cloud computing platform, in 13th Annual Digital Forensics Research Workshop – DFRWS, 2013, Vol 10, pp. S87-S95.

Sibiya G, Venter HS, Fogwill T, “ Digital Forensic Framework for a Cloud Environment”, in proceedings of IST- Africa, Tanzania, 2012, pp 1-8.

Raffael Marty, Cloud Application Logging for Forensics, ACM SAC’11, TaiChung, Taiwan

Waldo Delport, Michael Kohn, Martin S. Oliver, “Isolating a Cloud Instance for Digital Forensic Investigation”, In proceedings of Information Security for South Africa(ISSA 2011) Conference August 2011.

Franscois Van Standen, Hein Venter, “Implementing Forensic Readiness using performance monitoring tools”, IFIP Advances in Information and Communication Technology, Vol 383, 2012, pp 261-271.

www.openstack.org [Accessed on July 11th, 2014].

Rainer Poisel, Erich Malzer and Simon Tjoa, “Evidence and Cloud Computing: The Virtual Machine Introspection Approach”, Journal of Wireless Mobile Networks, Ubiquitous Computing and Dependable Applications, JoWUA, Vol 4, Issue 2, 2013, pp. 135-152.

M. D. Ludwig Slusky, Parviz Partow-Navid, “Cloud computing and computer forensic for business applications”, Lournal of Technology Research, July 2012, vol. 3.

R. Ko. P. Jagadparamana, M. Mowbray, S. Pearson, M. Kirchberg, Q. Liang and B. Lee, “Trustcloud: A framework for accountability and trust in cloud computing”, in proceedings of IEEE World Congress on Services, IEEE, 2011, pp. 584-588.

J. Dykstra and A. Sherman, “Acquiring forensic evidence from infrastructure-as-a-service cloud computing: Exploring and evaluating tools, trust and techniques”, DoD Cyber Crime Conference, Jan 2012.

R. Hegarty, M. Merabti, Q. Shi, and B. Askwith, “Forensic analysis of distributed data in a service oriented computing platform”, in proceedings of the 10th Annual Postgraduate Symposium on the convergence of telecommunications, Networking and Broadcasting, PG Net. 2009.

K. Muniswamy Reddy, P. Maccko and M. Seltzer, “Provenance for the cloud”, in proceedings of the 8th USENIX conference on File and storage technologies. USENIX Association 2010, pp. 15-14.

K. Muniswamy Reddy and M. Seltzer, “Provenance as first class cloud data”, ACM SIGOPS Operating Systems Review, 2011, Vol. 3, no. 4, pp. 11-16.

B. Hay and K. Nance, “Forensics examination of volatile system data using virtual introspection”, ACM SIGOPS Operating Systems Review, 2008, vol. 42, no. 3.