Rapid development of cloud computing brings challenges to digital forensic investigation, where traditional digital forensic tools and methodologies do not apply well. New approaches are needed to overcome emerged problems. This research focuses on analyzing a popular cloud storage service Google Drive in a forensically sound manner. The application programming interface (API) approach is chosen as the main method to perform digital forensic investigation. A sample application is developed to acquire evidence from Google Drive. Experiments were then conducted to evaluate its effect based on results. By comparing the results with other approaches, the API approach proves to be effective and reliable for digital forensic examiners and forensic software developers to consider as an available tool in their arsenal.
Shuijan Yang – 2015