Strategies for intrusion monitoring in cloud services

Weir, George R. S. and Aßmuth, Andreas (2017) Strategies for intrusion monitoring in cloud services. In: The Eighth International Conference on Cloud Computing, GRIDs, and Virtualization, 2017-02-19 - 2017-02-23, NOVOTEL Athens Hotel.

[img]
Preview
Text (Weir-Assmuth-2017-Strategies-for-intrusion-monitoring-in-cloud-services)
Weir_A_muth_2017_Strategies_for_intrusion_monitoring_in_cloud_services.pdf
Accepted Author Manuscript

Download (164kB)| Preview

    Abstract

    Effective activity and event monitoring is an essential aspect of digital forensic readiness. Techniques for capturing log and other event data are familiar from conventional networked hosts and transfer directly to the Cloud context. In both contexts, a major concern is the risk that monitoring systems may be targeted and impaired by intruders seeking to conceal their illicit presence and activities. We outline an approach to intrusion monitoring that aims (i) to ensure the credibility of log data and (ii) provide a means of data sharing that supports log reconstruction in the event that one or more logging systems is maliciously impaired.