Title: Forensic Analysis in Cloud Storage with Live Forensics in Windows (Adrive Case Study)

Issue Number: Vol. 8, No. 4
Year of Publication: Dec - 2019
Page Numbers: 292-297
Authors: Tri Rochmadi, Dadang Heksaputra
Journal Name: International Journal of Cyber-Security and Digital Forensics (IJCSDF)
- Hong Kong

Abstract:


Digital era such as now, cloud technology can not be released in our lives. Cloud computing has also become one of the fastest-growing and transformative technologies. In addition to some convenience and comfort in using the cloud, it turns out to cause new problems, namely cybercrime. Cybercrime will be increasingly diverse and allow criminals to innovate with the cloud. Cloud forensics remains an obstacle and challenge for investigators because each cloud provider has a different architecture so different investigations are needed in conducting cloud forensics. In this research, forensic cloud storage research was carried out from ADrive services. Some ADrive features that make it possible for cybercriminals are data can be synchronized with a client application, encrypted and given a password on a file that is on the cloud. This research applies the NIST framework in the investigation process and from the results of the analysis of digital evidence can be detected and found on 3 digital evidence namely RAM, logical drive and Google Chrome Database. Of the three pieces of evidence, the most potential as digital evidence is in RAM and logical drives because of the digital evidence found files uploaded to adrive.