Arwa Ibrahim Ahmed



Software Agent and Cloud Forensics: A Conceptual Framework

pdf PDF


Recently, a number of digital storage and services of computing data is moving towards cloud computing. Due to this movement, in case of attack occur in the cloud this would like more investigation and acquiring. Digital forensics is the application of science to the identification, examination, collection, and analysis of data while preserving the information and maintaining a strict chain of custody for the data. Cloud forensics is the application of digital forensics in cloud computing. In this paper a framework is acquiring the digital forensics for cloud computing is proposed. A framework consists of two main layers, firstly, cloud forensics layer that consists of Cloud Service Provider (CSP), law enforcement, forensics investigators and cloud users. Secondly, Multi Agent System (MAS) architecture layer that consists of two main agents: Cloud Acquiring Agent (CAA) and Cloud Forensics Agent (FCA) are proposed. Our results in the practical scenario defined formally in this paper, show the Round Trip Time (RTT) for an agent to acquire the cloud forensics and measured by the times required for an agent to travel around different number of CSPs before and after the implementation.


Cloud Computing, Cloud Service Provider, Cloud Service Agreement, Digital Forensics, Cloud Forensics, Multi Agent System


[1] S. Biggs and S. Vidalis, "Cloud Computing: The Impact on Digital Forensic Investigations," In Internet Technology and Secured Transactions, 2009. ICITST 2009. International Conference for, 2009, pp. 1-6.

[2] A. M. Talib, R. Atan, R. Abdullah, and M. Azrifah, "CloudZone: Towards an Integrity Layer of Cloud Data Storage Based on Multi Agent System Architecture," In Open Systems (ICOS), 2011 IEEE Conference on, 2011, pp. 127-132.

[3] M. Pollitt and A. Whitledge, "Exploring Big Haystacks," In Advances in digital forensics II: Springer, 2006, pp. 67-76.

[4] B. Martini and K.-K. R. Choo, "An Integrated Conceptual Digital Forensic Framework for Cloud Computing," Digital Investigation, vol. 9, pp. 71- 80, 2012.

[5] P. Mell and T. Grance, "The NIST Definition of Cloud Computing," National Institute of Standards and Technology, Gaithersburg, Maryland, 2011.

[6] K. Kent, S. Chevalier, T. Grance, and H. Dang, "Guide to integrating forensic techniques into incident response," NIST Special Publication, pp. 800-86, 2006.

[7] S. Fugkeaw, P. Manpanpanich, and S. Juntapremjitt, "Multi-Application Authentication Based on Multi-Agent System," In IMECS, 2007, pp. 1316-1321.

[8] E. H. Durfee, V. R. Lesser, and D. D. Corkill, "Trends in Cooperative Distributed Problem Solving," Knowledge and Data Engineering, IEEE Transactions on, vol. 1, pp. 63-83, 1989.

[9] A. M. Talib, R. Atan, R. Abdullah, and M. A. A. Murad, "Towards a Comprehensive Security Framework of Cloud Data Storage Based on Multi Agent System Architecture," Journal of Information Security, vol. 3, p. 295, 2012.

[10] E. Casey, Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet: Academic press, 2011.

[11] S. Thorpe, "An Experimental Survey Towards Engaging Trustable Hypervisor Log Evidence within A Cloud Forensic Environment," International Journal of Computer Science & Information Technology, vol. 4, 2012.

[12] F. Zambonelli, N. R. Jennings, and M. Wooldridge, "Developing Multi-agent Systems: The Gaia methodology," ACM Transactions on Software Engineering and Methodology (TOSEM), vol. 12, pp. 317-370, 2003.

[13] M. J. North, N. T. Collier, and J. R. Vos, "Experiences Creating Three Implementations of the Repast Agent Modeling Toolkit," ACM Transactions on Modeling and Computer Simulation (TOMACS), vol. 16, pp. 1-25, 2006.

[14] J. P. Bigus, D. A. Schlosnagle, J. R. Pilgrim, W. N. Mills Iii, and Y. Diao, "ABLE: A Toolkit for Building Multi-agent Autonomic Systems," IBM Systems Journal, vol. 41, pp. 350-371, 2002.

[15] V. S. Chawathe and B. B. Meshram, "Cloud Forensics-An IS Approach," 2012.

[16] D. Birk, "Technical Challenges of Forensic Investigations in Cloud Computing Environments," In Workshop on Cryptography and Security in Clouds, 2011, pp. 1-6.

[17] S. Zawoad and R. Hasan, "Cloud Forensics: A Meta-Study of Challenges, Approaches, and Open Problems," arXiv preprint arXiv:1302.6312, 2013.

[18] J. Dykstra and A. T. Sherman, "Acquiring Forensic Evidence From Infrastructure-as-a-service Cloud Computing: Exploring and Evaluating Tools, Trust, and Techniques," Digital Investigation, vol. 9, pp. S90-S98, 2012.

[19]M. Taylor, J. Haggerty, D. Gresty, and D. Lamb, "Forensic Investigation of Cloud Computing Systems," Network Security, vol. 2011, pp. 4-10, 2011.

[20] National Institute of Standards and Technology. Test Results for Digital Data Acquisition Tool: FTK Imager Available at http://www.ncjrs.gov/pdffiles1/nij/222982.pdf; 2008. Last accessed September 21, 2011.

[21] L. Padgham and M. Winikoff, Developing Intelligent Agent Systems: A practical guide vol. 13: John Wiley & Sons, 2005.

Cite this paper

Arwa Ibrahim Ahmed. (2016) Software Agent and Cloud Forensics: A Conceptual Framework. International Journal of Computers, 1, 166-172


Copyright © 2017 Author(s) retain the copyright of this article.
This article is published under the terms of the Creative Commons Attribution License 4.0