Abstract:
IT security and privacy has always been a challenging problem to address, but with cloud, there is an exponential increase to the challenge. Once an attacker successfully breaches a cloud system, the intruder will seek to escalate privileges in order to delete the forensic trail, thus covering their tracks. There is little to prevent this from happening in cloud, and this is known as the Cloud Forensic Problem. Under the new European Union General Data Protection Regulation, following a cyber breach, it is necessary for the breached company to report the impact of the breach within 72 hours of becoming aware of the breach. Where the forensic trail has been compromised, this will present a serious compliance challenge. We address this problem through the use of Unikernel based monitoring systems which can ensure both full forensic and audit trails can be maintained. Our early results are very promising. We are continuing our work with a larger pilot study.