Big Data Analytics Framework for Cloud-Based Digital Forensic Investigations
Abstract
The rapid expansion of cloud computing infrastructures has introduced significant challenges in conducting reliable digital forensic investigations due to the distributed and dynamic nature of cloud-hosted data. This study proposes a scalable big data analytics framework designed to enhance the efficiency of cloud-based forensic investigations through automated evidence acquisition, semantic data harmonization, and intelligent anomaly detection. The proposed framework was evaluated in a simulated multi-cloud environment using real-time telemetry streams and heterogeneous forensic datasets. Experimental results demonstrate a 36.8% reduction in evidence acquisition latency and a harmonization accuracy of 93.2% across distributed data sources. Furthermore, the anomaly detection module achieved a detection accuracy of 93.0% with an F1-score of 91.6%, outperforming baseline forensic models by an average margin of 7.5%. The framework also demonstrated a timeline reconstruction efficiency of 91.7%, enabling accurate correlation of temporally dispersed cyber-attack events.