Identification of forensic artifacts from the registry of windows 10 device in relation to idrive cloud storage usage

The accessibility of cloud storage over the internet as a result of cloud computing technology provides the opportunity to store, share and upload data online with the use of digital devices which can be accessed anytime and anywhere. These benefits can also be exploited by the cybercriminals to perform various criminal activities including storing and exchanging of illegal materials on cloud storage platforms. The logs of malicious usages can be obtained from the cloud service providers for forensic investigations but the privacy issue among other factors make it difficult for such logs to be shared. Therefore, there is a need to perform client-side forensics to be able to carry out forensic investigation on digital devices as related to the activities on cloud storage. This study identifies relevant artifacts that can be forensically extracted from the registry of a window 10 device that accessed iDrive cloud storage. The study explores different experimental setups for the forensic analysis and adopted an integrated conceptual digital forensic framework in the investigation process to detect relevant forensic artifacts from the registry of a windows 10 device. This study increases the knowledge of cloud storage forensics and the significance of registry analysis during digital investigations.