Cloud computing has a new edge computing paradigm these days. Sometimes cloud computing architectures don't support for computer forensics investigations. Analyzing various types of logs and logging mechanism plays an important role in computer forensics. Distributed nature and the multi-tenant cloud models, where many users share the same processing and network resources, collecting, storing and analyzing logs from a cloud is very hard. User activity logs can be a valuable source of

more »

... in cloud forensic investigations. Generally, Cloud service providers have access to activity logs of cloud user and CSP can tamper the logs so that investigator cannot reach to the real culprit. In such an environment, log security is one of challenge in the cloud. Logging technique is used to monitor employee's behavior, to keep track of malicious activities and prevent cloud networks from intrusion by well-known organizations. Ensuring the reliability and integrity of logs is crucial. Most existing solutions for secure logging are designed for traditional systems rather than the complexity of a cloud environment. In the proposed framework secure logging environment is provided by storing and processing activity logs and encrypting using advanced encryption method. It detects DDoS (distributed denial of service) attack on cloud infrastructure by using the published logs on cloud and thus helpful in cloud forensics. It is detected by the investigator using available application activity logs in the cloud server. Searchable encryption algorithm will be used to increase the security of the logging mechanism and to maintain confidentiality and privacy of user data. Proof of past (PPL) logs is created by storing logs at more than one place. This PPL helps in the verification process of changed logs by CSP the actual implementation of this application on AWS Infrastructure as a service ( IAAS ) cloud shows real-time use of this structure