Digital Evidence Acquisition System on IAAS Cloud Computing Model using Live Forensic Method

Didik Sudyana, Nora Lizarti


Cloud Computing is a technological development that has been warmly discussed in recent years and has seen significant increases in usage, especially on the IAAS Cloud Computing model. The high rate of development of IAAS Cloud Computing model is in line with the high number of crimes involving IAAS Cloud Computing model on server virtualization. When a computer crime occurs and a digital forensic investigation will be carried out to uncover the case, it raises issues related to the acquisition of digital evidence. Because the acquisition model in general, it is done only to one operating system, while in virtualization there is more than one operating system, so the acquisition technique in general cannot be used because it takes only one operating system involved crime, and cannot acquire the whole data server related privacy data in other virtual operating systems. Therefore, research to make the acquisition system of server virtualization is needed. The focus in this research is to make system acquisition in server virtualization Proxmox using the live forensic method to produce a system that can acquire virtualization without disrupting the overall data server and in accordance with the principle of digital forensics. The resulting acquisition system can be a reference for investigators to investigate the IAAS Cloud Computing model on Proxmox virtualization and facilitate the investigator's work in the use of the system because the investigator simply chooses which virtual operating system to acquire, after which the system will work on its own the acquisition.


Cloud Computing; Cloud Forensics; Virtualization Forensics

Full Text:



S. Marston, Z. Li, S. Bandyopadhyay, J. Zhang, and A. Ghalsasi, “Cloud computing — The business perspective,” Decis. Support Syst., vol. 51, no. 1, pp. 176–189, 2011.

L. Columbus, “Roundup Of Cloud Computing Forecasts,” Forbes, 05-Oct-2017.

L. Malhotra, D. Agarwal, and A. Jaiswal, “Virtualization in Cloud Computing,” Inf. Technol. Softw. Eng., vol. 4, no. 2, pp. 2–4, 2014.

S. Alqahtany and C. Reich, “A Forensic Acquisition and Analysis System for IaaS : Architectural Model and Experiment,” pp. 345–354, 2016.

I. Riadi, A. Yudhana, M. Caesar, and F. Putra, “Forensic Tool Comparison on Instagram Digital Evidence Based on Android with The NIST Method,” Sci. J. Informatics, vol. 5, no. 2, pp. 235–247, 2018.

D. Sudyana, Y. Prayudi, and B. Sugiantoro, “Analysis and Evaluation Digital Forensic Investigation Framework Using ISO 27037 : 2012,” Int. J. Cyber-Security Digit. Forensics, vol. 8, no. January, pp. 1–14, 2019.

Badan Standarisasi Nasional, SNI 27037:2014 tentang Teknologi Informasi - Teknik Keamanan - Pedoman Identifikasi, pengumpulan, Akuisisi, dan Preservasi Bukti Digital. Jakarta, 2014.

J. Dykstra and A. T. Sherman, “Acquiring Forensic Evidence from Infrastructure-as-a-Service Cloud Computing : Exploring and Evaluating Tools , Trust , and Techniques,” Digit. Investig., no. Vm, 2012.

R. Poisel, E. Malzer, and S. Tjoa, “Evidence and cloud computing: The virtual machine introspection approach,” J. Wirel. Mob. Networks, Ubiquitous Comput. Dependable Appl., vol. 4, no. 1, pp. 135–152, 2013.

P. Digambar, “A Novel Digital Forensic Framework for Cloud Computing Environment,” BIRLA INSTITUTE OF TECHNOLOGY AND SCIENCE, 2015.

S. Lim, B. Yoo, J. Park, K. Byun, and S. Lee, “A research on the investigation method of digital forensics for a VMware Workstation’s virtual machine,” Math. Comput. Model., vol. 55, no. 1–2, pp. 151–160, 2012.

E. Wahyudi, I. Riadi, and Y. Prayudi, “Virtual Machine Forensic Analysis And Recovery Method For Recovery And Analysis Digital Evidence,” Int. J. Comput. Sci. Inf. Secur., vol. 16, no. 2, pp. 1–7, 2018.

M. Rafique and M. N. A. Khan, “Exploring Static and Live Digital Forensics: Methods, Practices and Tools,” Int. J. Sci. Eng. Res., vol. 4, no. 10, pp. 1048–1056, 2013.

W. Ahmed, Mastering Proxmox - Second Edition, 2nd ed. Packt Publishing, 2016.



Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.