Abstract:
Hadoop Cloud Storage has been embraced by
both individuals and organizations as it can offer
cost-effective, large capacity storage and multifunctional
services on a wide range of device. It is
fast raising popularity to access Hadoop Cloud
services via Android device. The widespread usage of
Hadoop Cloud Storage could create the environment
that is potentially conducive to malicious activities
and illegal operations. Thus, the investigation of
Hadoop Cloud presents the emerging challenge for
the digital forensic community. Extracting residual
artifacts from the cloud server is potentially difficult
due to privacy policies followed by cloud providers.
The attached Android device may store useful
artifacts to investigate the illegal usages of Hadoop
Cloud Storage. This paper utilizes Cloudera
Distribution Hadoop (CDH); a popular Hadoop
Cloud Storage. This paper conducts a preliminary
investigation to locate and extract the residual
artifacts from Android device that has accessed the
CDH Cloud. The extracted artifacts can assist the
forensic examiners in real world Hadoop Cloud
forensics. The crime scenario which is extended the
Forensic Copra’s crime case is examined under the
guide of CDH Forensic Investigation Framework.
