CFP last date
21 July 2025
Call for Paper
August Edition
IJCA solicits high quality original research papers for the upcoming August edition of the journal. The last date of research paper submission is 21 July 2025

Submit your paper
Know more
The week's pick
Responsive image
FORENSIC ANALYSIS FRAMEWORKS FOR ENCRYPTED CLOUD STORAGE INVESTIGATIONS

Joy Awoleye Sarah Mavire Allan Munyira Kelvin Magora
Random Articles
Reseach Article

Forensic Analysis Frameworks for Encrypted Cloud Storage Investigations

by Joy Awoleye, Sarah Mavire, Allan Munyira, Kelvin Magora
journal cover thumbnail

International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 187 - Number 17
Year of Publication: 2025
Authors: Joy Awoleye, Sarah Mavire, Allan Munyira, Kelvin Magora
10.5120/ijca2025925241

Joy Awoleye, Sarah Mavire, Allan Munyira, Kelvin Magora . Forensic Analysis Frameworks for Encrypted Cloud Storage Investigations. International Journal of Computer Applications. 187, 17 ( Jun 2025), 8-19. DOI=10.5120/ijca2025925241

@article{ 10.5120/ijca2025925241,
author = { Joy Awoleye, Sarah Mavire, Allan Munyira, Kelvin Magora },
title = { Forensic Analysis Frameworks for Encrypted Cloud Storage Investigations },
journal = { International Journal of Computer Applications },
issue_date = { Jun 2025 },
volume = { 187 },
number = { 17 },
month = { Jun },
year = { 2025 },
issn = { 0975-8887 },
pages = { 8-19 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume187/number17/forensic-analysis-frameworks-for-encrypted-cloud-storage-investigations/ },
doi = { 10.5120/ijca2025925241 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2025-06-30T23:52:19+05:30
%A Joy Awoleye
%A Sarah Mavire
%A Allan Munyira
%A Kelvin Magora
%T Forensic Analysis Frameworks for Encrypted Cloud Storage Investigations
%J International Journal of Computer Applications
%@ 0975-8887
%V 187
%N 17
%P 8-19
%D 2025
%I Foundation of Computer Science (FCS), NY, USA
Abstract

The use of encryption in cloud storage is so rampant that traditional hard disk imaging and file carving methods are no longer as good. Traditional methods are compromised by encrypted data, especially in such distributed infrastructures that do not allow direct fetching. The layered forensic framework in this research targets the impediments of client-side and provider-managed encryption in cloud ecosystems. The framework includes three different investigative components: Type 1 analysis, interpretation of the system logs, and data metadata evaluation. By concentrating on unique weaknesses in cryptologic systems, the framework enables indirect restoration and recovery in the absence of regular access procedures. To carry out simulated practical encrypted cloud activities, a testbed was developed, consisting of VeraCrypt containers, AWS-like logging schemes, along with standard endpoint metadata. To assess the framework, open-source tools including Volatility, ELK Stack, and EnCase were deployed to compare performance with traditional forensic procedures. The analysis showed significant improvements in terms of recovery of encryption keys, reliability of rebuilding sessions, and more effective sketching of behaviour. The framework brought 65% (compared to less than 5% baseline) recovery of the encryption keys; ensured 80% session reconstruction completeness (compared to only 35%); and discovered 70% of behavioural patterns (compared to 30%). For the legal and ethical considerations, the framework used only the non-content artefact, and its analysis was organised in accordance with the GDPR rules. Through the provision of a modular, provider-independent approach to cloud-based encrypted forensics, the present study furthers future developments in mobile, IoT, and cross-border cloud-based data investigations. The study demonstrates that when indirect artefacts are placed in a structured, unified package, they offer strong, admissible digital evidence in encryption-based contexts.

References
  1. Gao, Y., Q. Li, L. Tang, Y. Xi, P. Zhang, W. Peng, B. Li, Y. Wu, S. Liu, and L. Yan. 2021. "When cloud storage meets {RDMA}." In 18th USENIX Symposium on Networked Systems Design and Implementation (NSDI 21), 519–533.
  2. Ghani, A., A. Badshah, S. Jan, A. A. Alshdadi, and A. Daud. 2020. "Issues and challenges in cloud storage architecture: a survey." arXiv Preprint arXiv:2004.06809.
  3. Yang, P., N. Xiong, and J. Ren. 2020. "Data security and privacy protection for cloud storage: A survey." IEEE Access 8: 131723–131740. https://doi.org/10.1109/access.2020.3010183.
  4. Atadoga, A., O. A. Farayola, B. S. Ayinla, O. O. Amoo, T. O. Abrahams, and F. Osasona. 2024. "A comparative review of data encryption methods in the USA and Europe." Computer Science & IT Research Journal 5, no. 2: 447–460.
  5. Smid, M. E. 2021. "Development of the advanced encryption standard." Journal of Research of the National Institute of Standards and Technology 126: 126024.
  6. Gonzalez, O. 2019. "Cracks in the armor: Legal approaches to encryption." U. Ill. JL Tech. & Pol’y 1.
  7. Can, M. A., E. Öztürk, and E. Savaş. 2019. "Design and implementation of encryption/decryption architectures for BFV homomorphic encryption scheme." IEEE Transactions on Very Large Scale Integration (VLSI) Systems 28, no. 2: 353–362.
  8. Purnaye, P., and V. Kulkarni. 2021. "A Comprehensive Study of Cloud Forensics." Archives of Computational Methods in Engineering 29, no. 1. https://doi.org/10.1007/s11831-021-09575-w.
  9. Alenezi, A. M. 2024. "Beyond The Clouds: Investigating Digital Crimes In Cloud Environments." https://doi.org/10.2139/ssrn.4977348.
  10. Fernandes, D., D. Clemente, G. Soares, P. Sebastiao, F. Cercas, R. Dinis, and L. S. Ferreira. 2020. "Cloud-Based Implementation of an Automatic Coverage Estimation Methodology for Self-Organising Network." IEEE Access 8: 66456–66474. https://doi.org/10.1109/access.2020.2986437.
  11. Khan, Y., and S. Varma. 2020. "Development and Design Strategies of Evidence Collection Framework in Cloud Environment." In Social Networking and Computational Intelligence, 27–37. https://doi.org/10.1007/978-981-15-2071-6_3.
  12. Pisaric, M. 2022. "Communications encryption as an investigative obstacle." J. Crimin. & Crim. L. 60: 61.
  13. Shabbir, A., A. S. Anwar, N. Taslima, S. M. Abu, A. R. Sikder, and G. S. Sidhu. 2024. "Analyzing enterprise data protection and safety risks in cloud computing using ensemble learning." International Journal on Recent and Innovation Trends in Computing and Communication 12, no. 2: 499–507.
  14. Veen, J., and S. Boeke. 2020. "Which is more important: online privacy or national security?: The Dutch position in the ongoing encryption debate." Atlantisch Perspectief 44, no. 4: 36–40.
  15. Uphoff, M., M. Wander, T. Weis, and M. Waltereit. 2018. "SecureCloud: An Encrypted, Scalable Storage for Cloud Forensics." https://doi.org/10.1109/trustcom/bigdatase.2018.00294.
  16. Sandhu, A. K. 2021. "Big data with cloud computing: Discussions and challenges." Big Data Mining and Analytics 5, no. 1: 32–40.
  17. Khanchandani, M., and N. Dave. 2021. "Analysis of Cloud Forensics : Review and Impact on Digital Forensics Aspects." International Journal of Scientific Research in Science and Technology: 639–646. https://doi.org/10.32628/ijsrst2182118.
  18. Schlepphorst, S., K.-K. R. Choo, and N.-A. Le-Khac. 2020. "Digital Forensic Approaches for Cloud Service Models: A Survey." In Studies in Big Data, 175–199. https://doi.org/10.1007/978-3-030-47131-6_8.
  19. Beaubrun, R., and A. Quintero. 2021. "An Access Control Architecture for Securing MultiTenancy Cloud Environments." International Journal on Advances in Security 14, no. 1 & 2.
  20. Svensson, J., and S. Wouters. 2024. "Navigating the Shadows: Overcoming Obstacles Posed by Antiforensic Tools."
  21. Blessing, O. T., and A. O. Mary. 2023. "Cryptographic techniques for data privacy in digital forensics." IEEE Access 11: 142392–142410.
  22. Deng, S., H. Zhao, B. Huang, C. Zhang, F. Chen, Y. Deng, J. Yin, S. Dustdar, and A. Y. Zomaya. 2024. "Cloud-Native Computing: A Survey From the Perspective of Services." Proceedings of the IEEE 112, no. 1: 12–46. https://doi.org/10.1109/JPROC.2024.3353855.
  23. Balogun, V., and O. A. Sarumi. 2020. "A Cooperative Spectrum Sensing Architecture and Algorithm for Cloud- and Big Data-based Cognitive Radio Networks." In 2020 6th International Conference on Computing and Engineering Communications (CCECE), 1–5. https://doi.org/10.1109/ccece47787.2020.9255729.
  24. Mittal, S., C. Monga, K. Upreti, N. Kumar, R. D. Raut, and M. S. Alam. 2022. "Light Weight Cryptography for Cloud-Based E-Health Records." In 2022 7th International Conference on Communication and Electronics Systems (ICCES), 690–696. https://doi.org/10.1109/icces54183.2022.9835827.
  25. Roudev, N., and L. Baker. 2022. "Deconstructing the regulatory impact of the US CLOUD Act: An optimal regulatory approach to ensuring access to data in the cloud?" Journal of Data Protection & Privacy 5, no. 3: 230–241. https://www.ingentaconnect.com/content/hsp/jdpp/2022/00000005/00000003/art00005.
  26. Ateeq, A., M. A. Alaghbari, R. A. Ateeq, and A. Y. Ahmed. 2024. "Understanding and Addressing Data Security and Privacy Concerns in Modern Cloud Computing Systems." https://doi.org/10.1109/icetsis61505.2024.10459534.
  27. Rojszczak, M. 2020. "CLOUD act agreements from an EU perspective." Computer Law & Security Review 38: 105442. https://doi.org/10.1016/j.clsr.2020.105442.
  28. Sharma, P., R. Jindal, and M. D. Borah. 2020. "Blockchain Technology for Cloud Storage." ACM Computing Surveys 53, no. 4: 1–32. https://doi.org/10.1145/3403954.
  29. Herzig, T. W. 2020. "Audit Logging." In HIMSS Publishing EBooks, 45–54. https://doi.org/10.4324/9781003126331-6.
  30. Zhang, X., Y. Xu, Q. Lin, B. Qiao, H.-Y. Zhang, Y. Dang, C. Xie, X. Yang, Q. Cheng, Z. Li, J. Chen, X.-T. He, R. Yao, J.-G. Lou, M. Chintalapati, F. Shen, and D. Zhang. 2019. "Robust log-based anomaly detection on unstable log data." In Foundations of Software Engineering. https://doi.org/10.1145/3338906.3338931.
  31. C hothia, Z. 2020. "Explaining, Measuring and Predicting Effects in Layered Data Architectures." PhD diss., ETH Zurich. https://doi.org/10.3929/ethz-b-000503615.
  32. He, S., P. He, Z. Chen, T. Yang, Y. Su, and M. R. Lyu. 2021. "A Survey on Automated Log Analysis for Reliability Engineering." ACM Computing Surveys 54, no. 6: 1–37. https://doi.org/10.1145/3460345.
  33. Lazar, D., Y. Gilad, and N. Zeldovich. 2019. "Yodel: Strong Metadata Security for Voice Calls." In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, 1–15. https://doi.org/10.1145/3341301.3359648.
  34. Zunaidi, M. R., A. Sayakkara, and M. Scanlon. 2024. "Systematic Literature Review of EM-SCA Attacks on Encryption." arXiv.org, February 15. https://doi.org/10.48550/arXiv.2402.10030.
  35. Shahzad, K., T. Zia, and E.-H. Qazi. 2022. "A Review of Functional Encryption in IoT Applications." Sensors 22, no. 19: 7567. https://doi.org/10.3390/s22197567.
  36. Turki, M., G. El Boussaidi, I. Benzarti, and H. Mili. 2024. "Evaluating Open Source IoT Platforms: A GitHub Analysis." In Proceedings of the ACM/IEEE 6th International Workshop on Software Engineering Research & Practices for the Internet of Things, 14–21. https://doi.org/10.1145/3643794.3648348.
  37. Sherman, S., and J. Dykstra. 2013. Cybersecurity: A New Look at Security Metrics. Apress.
  38. Naeem, H., S. Dong, O. J. Falana, and F. Ullah. 2023. "Development of a deep stacked ensemble with process based volatile memory forensics for platform independent malware detection and classification." Expert Systems with Applications 223: 119952–119952. https://doi.org/10.1016/j.eswa.2023.119952.
  39. Chen, Y., C. Li, M. Lv, X. Shao, Y. Li, and Y. Xu. 2019. "Explicit Data Correlations-Directed Metadata Prefetching Method in Distributed File Systems." IEEE Transactions on Parallel and Distributed Systems 30, no. 12: 2692–2705. https://doi.org/10.1109/tpds.2019.2921760.
  40. Zhang, M. 2022. "Forensic imaging: a powerful tool in modern forensic investigation." Forensic Sciences Research 7, no. 3: 1–8. https://doi.org/10.1080/20961790.2021.2008705.
  41. Groß, T., M. Busch, and T. Müller. 2021. "One key to rule them all: Recovering the master key from RAM to break Android’s file-based encryption." Forensic Science International: Digital Investigation 36: 301113. https://doi.org/10.1016/j.fsidi.2021.301113.
  42. Lazar, A. 2020. "Innovative Peacekeeping: The Potential of Digital Technologies in CSDP Operations." Dspace.cuni.cz. https://dspace.cuni.cz/handle/20.500.11956/177248.
  43. Kim, D.-H., S. Oh, and T. Shon. 2023. "Digital forensic approaches for metaverse ecosystems." Forensic Science International: Digital Investigation 46: 301608–301608. https://doi.org/10.1016/j.fsidi.2023.301608.
  44. Chothia, Z. 2020. "Explaining, Measuring and Predicting Effects in Layered Data Architectures." PhD diss., ETH Zurich. https://doi.org/10.3929/ethz-b-000503615.
Index Terms

Computer Science
Information Sciences

Keywords

Cloud Forensics Encrypted Cloud Storage Digital Forensics Forensic Framework Encryption Metadata Analysis Log Analysis Memory Forensics

Powered by PhDFocusTM