University of Bahrain
Scientific Journals
Cloud Forensic Artifacts: Digital Forensics Registry Artifacts discovered from Cloud Storage Application
JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Bajahzar, Mohammed | |
| dc.contributor.author | Mishra, Shailendra | |
| dc.date.accessioned | 2023-07-16T04:03:46Z | |
| dc.date.available | 2023-07-16T04:03:46Z | |
| dc.date.issued | 2023-07-16 | |
| dc.identifier.issn | 2210-142X | |
| dc.identifier.uri | https://journal.uob.edu.bh:443/handle/123456789/4981 | |
| dc.description.abstract | Cloud storage drives have become very popular nowadays for many people around the world. Understanding how to locate, retrieve and acquire cloud-based data may be complex and time-consuming. Standard digital forensic concepts and thorough chain of custody methods are the main discussion topics in most contemporary academic forensic publications. The traditional approach to computer forensics emphasis physically accessing the media that houses the information that could be of factors that could contribute. On the other hand, while working in a cloud computing environment, accessing the physical media is practically not feasible. Data for a given client could be kept decentralized, spanning several data centers and countries, using various virtual servers and physical devices. Due to the data breaches which can occur by cloud-based applications, this research proposed in this paper will focus on gathering evidence from Windows 11 operating systems to discover and collect left over registry artifacts by one of the main cloud storage applications known as OneDrive. Whereas it will imply their existence even after the unlinking and uninstalling of cloud drive applications. This proposed research will show what type of data remnants and where it can be found using the analysis of digital forensic investigator. Also, due to the time consuming to collect registry artifacts with their essential values, a bash script will be built to gather registry artifacts in which will show how data is stored within Windows 11 registry. Moreover, there will be two main approaches for this research, the first approach will be taking a snapshot of Window’s registry after the installation and linking account into the cloud storage application to perform digital forensic investigation on the machine to discover related artifacts in the registry. The second approach is to unlink account and uninstall OneDrive cloud drive applications as well as restarting the machine and then take another snapshot to perform a second forensic investigation to compare evidence gathered on the second approach with evidence gathered on the first approach | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | University of Bahrain | en_US |
| dc.subject | Digital Evidence | en_US |
| dc.subject | Cloud Forensic | en_US |
| dc.subject | Windows 11 Registry | en_US |
| dc.subject | Forensic artifacts | en_US |
| dc.subject | Cybersecurity | en_US |
| dc.title | Cloud Forensic Artifacts: Digital Forensics Registry Artifacts discovered from Cloud Storage Application | en_US |
| dc.identifier.doi | https://dx.doi.org/10.12785/ijcds/XXXXXX | |
| dc.volume | 14 | en_US |
| dc.issue | 1 | en_US |
| dc.pagestart | 1 | en_US |
| dc.pageend | xx | en_US |
| dc.contributor.authorcountry | Saudi Arabia | en_US |
| dc.contributor.authoraffiliation | Majmaah University | en_US |
| dc.source.title | International Journal of Computing and Digital Systems | en_US |
| dc.abbreviatedsourcetitle | IJCDS | en_US |
