
The Analysis And Implementation Of Forensics Data By Aggregation Class Method Based On Cloud Computing

Posted on: 2016-04-19
Degree: Master
Type: Thesis
Country: China
Candidate: D W Zhang
GTID: 2298330467495833
Subject: Computer system architecture

Abstract/Summary:
The rapid development of Internet technology has pushed network bandwidth to new heights. In a high-speed network environment, using the network becomes more and more convenient for people. However, this convenience is accompanied by a variety of security issues. How to obtain traces of network crime accurately and efficiently in the face of massive data is one of the research hotspots in the field of forensics. Traditional forensics technology clearly can no longer meet the requirements of this new environment, in which data volumes are increasing sharply.

Cloud computing is both an opportunity and a challenge for the forensics field. On the one hand, cloud computing technology, proposed in recent years, provides a good solution to the problems of massive data. On the other hand, the cloud itself is still not mature, so it has many security problems of its own. Cloud forensics is the fusion and absorption of forensics and cloud computing. This paper summarizes cloud computing technology and introduces its characteristics and key technologies. It points out the threats to the cloud based on an analysis of the cloud platform structure. Drawing on the research status and related key technologies of cloud computing and forensics, the paper discusses the emerging field of cloud forensics and presents the four basic processes of cloud forensics.

This paper aims to process network traffic data sets related to DDoS attacks using clustering analysis. The first part summarizes the principle, classification, experimental tools and related testing methods of distributed denial of service attacks. It then summarizes the basic theory of data mining algorithms and illustrates the process of cluster analysis and several common methods. The k-means algorithm, a commonly used clustering algorithm in data mining, offers good scalability, high efficiency and good extensibility when processing large data sets, but its drawback is its dependence on prior knowledge. This paper therefore presents a distributed, optimized k-means clustering algorithm to process evidence in huge amounts of data. Finally, a simulation experiment system based on a cloud environment is implemented to handle network traffic data with the help of the popular cloud platform Hadoop, and the relatively classic KDD CUP99 dataset is used to verify its effectiveness and feasibility.

The experimental platform in this paper uses the k-means algorithm, with a coarse clustering step to determine the parameter values of k-means. The results improved considerably. However, there is still no good method for setting the parameters of the coarse clustering itself. In addition, the experiments still need to be verified on larger data sets and on real cases with large-scale clusters. Cloud forensics is also a cross-discipline of two fields: legal factors are part of the whole process and cannot be ignored. How to ensure the availability and credibility of the data before it reaches judicial personnel also needs the efforts of experts and scholars.
Keywords/Search Tags: Cloud computing, forensics, DDoS, k-means