Abstract:
Nowadays Hadoop becomes a popular
business paradigm for managing and storing the Big
Data. It is possible for malicious users to abuse Big
Data storage system and the number of illegal usages
on them has increased rapidly. Hadoop Big Data
storage system is an emerging challenge to the
forensic investigators. Therefore procedures for
forensic investigation of Hadoop are necessary.
Forensic investigation may take time without
knowing where the data remnants can reside. This
paper proposes a forensic investigation process
model for Hadoop storage of Hortonworks Data
Platform (HDP) and discovers the important data
remnants. The investigation scope contains not only
on Hadoop Server but also the attached client
machines. The resulting data remnants from
conducting forensic investigation research on
Hadoop HDP assist the forensics examiners and
practitioners for generating the evidences. We also
present the investigation of HDP with a crime
scenario.
