Cloud-based digital forensics evaluation test (D-FET) platform.

Buchanan, William J, Macfarlane, Richard, Flandrin, Flavien, Graves, Jamie, Fan, Lu, Ekonomou, Elias, Bose, Niladri and Ludwiniak, Robert (2011) Cloud-based digital forensics evaluation test (D-FET) platform. In: Cyberforensics 2011, 27th-28th June 2011, University of Strathclyde, Glasgow.

Full text not available from this repository. (Request a copy)


This paper outlines the specification of the Cloud-based DFET platform which is used to evaluate the performance of digital forensics tools, which aim to detect the presence of trails of evidence, such as for the presence of illicit images and determination of user accounts from a host. Along with measuring key quality metrics, such as truepositives, and false-positives, it also measures operational performance, such as for the speed of success, CPU utilization and memory usage. This is used to determine the basic footprint of the package-under-test. The paper presents a proof-of-concept of the system using the VMware vSphere Hypervisor (ESXi) within the vCenter Cloud management infrastructure, which provides a cluster environment, and supports the creation and instantiation of a well-defined virtual test operation system. The infrastructure has been used within a teaching environment for two semesters, and has been shown to cope well in terms of performance and administration. Two key evaluation points related to whether a cloudbased infrastructure will provide improvement on existing stand-alone and workstation-based virtualisation are related to the improvement in energy consumption and in the CPU utilization footprint for each virtual machine. Thus the results show some metrics related to the energy and CPU consumptions of the created digital forensics instances, which can be used to justify the improvements in energy consumption, as opposed to stand-alone instances, and in the scalability of the infrastructure.

Item Type: Conference or Workshop Item (Paper)
Uncontrolled Keywords: Cloud computing; digital forensics; D-Fet platform; evidence trails; VMware vSphere Hypervisor (ESXi);
University Divisions/Research Centres: Edinburgh Napier University, Institute for Informatics and Digital Innovation
Dewey Decimal Subjects: 000 Computer science, information & general works > 000 Computer science, knowledge & systems > 005 Computer programming, programs & data > 005.8 Data security
Library of Congress Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Item ID: 4429
Depositing User: Computing Research
Date Deposited: 30 May 2011 14:10
Last Modified: 30 May 2011 14:10

Actions (login required)

View Item View Item

Edinburgh Napier University is a registered Scottish charity. Registration number SC018373