Background: Gathering and scrutinizing the different types of logs are the vital steps in
the forensic domain. Logs are commonly gathered by the cloud service providers or by some third
party layers which are governed by the cloud service providers. Security of the logs is a crucial
issue as the logs can be tampered accidentally or intentionally by an employee in the cloud service
provider’s organization or by the forensic investigator.
Objective: The algorithm designed assists in verifying the tampering of the virtual instance logs
which can be accidental or intentional. Verification process confirms that the confidentiality and
integrity of the logs remains intact. Verification of the potential evidence for past logs is normally
carried out by the forensic investigator and the auditor.
Methods: The uniqueness of the research conducted in this paper is a technique which employs
the cuckoo filter, which is supportive in proving the integrity of the potential evidences for past
logs at a faster pace. The probabilistic data structures cuckoo filter and the bloom filter also support
the concealment of logs.
Results: The implemented system and the results observed in it, are very promising in the cloud
forensic domain. The performance of the algorithm is better than the earlier system implemented
with the log chain and the database.
Conclusion: The secure framework designed in this research paper aids in proving the integrity of
the virtual instance logs. The evidence verification process supports concealment of data also.