Malmö University Publications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Proactive Forensics: Keystroke Logging from the Cloud as Potential Digital Evidence for Forensic Readiness Purposes
Faculty of EBIT, University of Pretoria, Pretoria, South Africa.
Faculty of EBIT, University of Pretoria, Pretoria, South Africa.
School of Information Technology, Community College of Qatar, Doha, Qatar.
Malmö University, Faculty of Technology and Society (TS), Department of Computer Science and Media Technology (DVMT).ORCID iD: 0000-0003-4071-4596
Show others and affiliations
2020 (English)In: 2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT), IEEE, 2020Conference paper, Published paper (Refereed)
Abstract [en]

The relationship between negative and positive connotations with regard to malware in the cloud is rarely investigated according to the prevailing literature. However, there is a significant relationship between the use of positive and negative connotations. A clear distinction between the two emanates when we use the originally considered malicious code, for positive connotation like in the case of capturing keystrokes in a proactive forensic purpose. This is done during the collection of digital evidence for Digital Forensic Readiness (DFR) purposes, in preparation of a Digital Forensic Investigation (DFI) process. The paper explores the problem of having to use the keystrokes for positive reasons as a piece of potential evidence through extraction and digitally preserving it as highlighted in ISO/IEC 27037: 2012 (security approaches) and ISO/IEC 27043: 2015 (legal connotations). In this paper, therefore, the authors present a technique of how DFR can be achieved through the collection of digital information from the originally considered malicious code. This is achieved without modifying the cloud operations or the infrastructure thereof, while preserving the integrity of digital information and possibly maintain the chain of custody at the same time. The paper proposes that the threshold of malicious code intrusion in the cloud can be transformed to an efficacious process of DFR through logical acquisition and digitally preserving keystrokes. The experiment-tested keystrokes have shown a significant approach that could achieve proactive forensics.

Place, publisher, year, edition, pages
IEEE, 2020.
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:mau:diva-51530DOI: 10.1109/iciot48696.2020.9089494Scopus ID: 2-s2.0-85085520616ISBN: 978-1-7281-4821-2 (electronic)ISBN: 978-1-7281-4822-9 (print)OAI: oai:DiVA.org:mau-51530DiVA, id: diva2:1659185
Conference
2020 IEEE International Conference on Informatics, IoT, and Enabling Technologies (ICIoT), Doha, Qatar, 2-5 Feb. 2020
Available from: 2022-05-19 Created: 2022-05-19 Last updated: 2024-09-17Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Kebande, Victor R.

Search in DiVA

By author/editor
Kebande, Victor R.
By organisation
Department of Computer Science and Media Technology (DVMT)
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 43 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf