Loading…

The Enhanced Forensic Examination and Analysis for Mobile Cloud Platform by Applying Data Mining Methods

Investigating the mobile cloud environment is a challenging task due to the characteristics of voluminous data, dispersion of data, virtualization, and diverse data. Recent research works focus on applying the latest forensic methodologies to the mobile cloud investigation. This paper proposes an en...

Full description

Saved in:
Bibliographic Details
Published in:Webology 2021, Vol.18 (SI01), p.47-74
Main Authors: Alnajjar, Ibrahim Ali, Mahmuddin, Massudi
Format: Article
Language:English
Subjects:
Citations: Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Investigating the mobile cloud environment is a challenging task due to the characteristics of voluminous data, dispersion of data, virtualization, and diverse data. Recent research works focus on applying the latest forensic methodologies to the mobile cloud investigation. This paper proposes an enhanced forensic examination and analysis model for the mobile cloud environment that incorporates timeline analysis, hash filtering, data carving, and data transformation sub-phases to improve the performance of the cloud evidence identification and overall forensic decision-making. It analyzes the timeline of events and filters the case-specific files based on the hash values and metadata using the data mining methods. The proposed forensic model performs the in-place carving on the filtered data to guide the investigation and integrates the heterogeneous file types and distributed pieces of evidence with the assistance of the data mining. Finally, the proposed approach employs LSTM based model that significantly improves the forensic decision making.
ISSN:1735-188X
1735-188X
DOI:10.14704/WEB/V18SI01/WEB18006