Research on cloud forensics based on Bayesian network
Liu Dong of Shandong Normal University
The main work of this paper is as follows:
(1) The basic concepts of electronic forensics, cloud computing and cloud forensics are discussed systematically. Electronic forensics technology, the security threats of the cloud environment and the implementation mechanism of the cloud platform are summarized, the key technologies of cloud forensics are analyzed, and the basic flow of cloud forensics is given.
(2) The paper analyzes the process of evidence mining and evidence processing in cloud forensics, and introduces the basic theory of Bayesian networks and the MapReduce programming model. A sequential pattern mining algorithm based on MapReduce is proposed. Based on an analysis of event correlation, a Bayesian network is used to construct the Bayesian structure model of the events and redundant data is removed, so that the forensic results can better support decision-making and prediction and provide reliable information for evidence analysis.
(3) An evidence analysis technique based on Bayesian networks is proposed. The paper analyzes the relationships within the massive data extracted from cloud storage devices, finds traces of criminal activity, presents the facts of the crime, analyzes actual crime cases in the cloud environment, puts forward hypotheses and inference hypotheses, and constructs an evidence analysis model based on Bayesian networks.
(4) A cloud forensics service system composed of a cloud forensics service platform and a client is designed and implemented, making use of the distributed and collaborative processing characteristics of cloud computing technology.