Abstract
The modern computing environment has moved past the
local data center with a single entry and exit point to a global
network comprising many data centers and hundreds of entry
and exit points, commonly referred to as Cloud Computing. It is
used by all possible devices, with numerous entry and exit points
for transactions, online processing, and requests and responses
traveling across the network. This makes already complex
networks even more complex, and makes traversing, monitoring
and detecting threats over such an environment a big challenge
for network forensics and the investigation of cybercrimes. It
demands in-depth analysis using network tools and techniques to
determine how best to extract information pertinent to an
investigation. Data mining techniques provide great aid in
finding relevant clusters for predicting unusual activities, pattern
matching and fraud detection in such an environment, and are
capable of dealing with huge amounts of data. The concept of
network forensics in cloud computing requires a new mindset in
which some data will not be available, some data will be suspect,
and some data will be court ready and can fit into the traditional
network forensics model. From a network security viewpoint, all
data traversing the cloud network backplane is visible and
accessible by the cloud service provider. It is no longer possible
to assume that one physical device will have only one operating
system that needs to be taken down for investigation. Without
the network forensics investigator understanding the architecture
of the cloud environment, systems and possible compromises will
be overlooked or missed. In this paper, we focus on the role of
network forensics in a cloud environment, its mapping to a few of
the available tools and the contribution of data mining to the
analysis, and we also bring out the challenges in this field.