Arguments and Methods for Database Data Model Forensics
نویسندگان
چکیده
A Database Management System (DBMS) consists of metadata and data. The metadata influences the way the data is presented to the user and this presents various forensic complications. The data model can be viewed as the highest level of metadata which governs the way other metadata and data in the DBMS are presented to the user. The data model can be modified to hide or tamper with forensic evidence. In this study the focus is on the data model of the DBMS and arguments are provided to indicate why the data model is an important consideration when conducting a forensic investigation on a DBMS. Various methods are presented to transform the data model into a desired state for a forensic investigation and these methods are measured against set out criteria. No one method is adequate for every forensic investigation. A forensic investigator should understand the various methods and select the correct data model state and method to convert the data model into that required state.
منابع مشابه
A Logic-Based Network Forensic Model for Evidence Analysis
Modern-day attackers tend to use sophisticated multi-stage/multi-host attack techniques and anti-forensics tools to cover their attack traces. Due to the limitations of current intrusion detection and forensic anal ysis tools, reconstructing attack scenarios from evidence left behind by the attackers of an enterprise system is challenging. In particular, re constructing attack scenarios by us...
متن کاملThe Application of Apriori Algorithm for Network Forensics Analysis
With frequently network attack crimes, it causes serious economic loss and bad social influence. Network security products are practically impossible to guard against intrusion methods, network forensics is needed. The massive network data must be captured and analyzed in network forensics, and the data is often related, the application of Apriori algorithm is proposed for network forensics ana...
متن کاملReconstruction in Database Forensics
The increasing usage of databases in the storage of critical and sensitive information in many organizations has led to an increase in the rate at which databases are exploited in computer crimes. Databases are often manipulated to facilitate crimes and as such are usually of interest during many investigations as useful information relevant to the investigation can be found therein. A branch o...
متن کاملMetadata Enrichment for Automatic Data Entry Based on Relational Data Models
The idea of automatic generation of data entry forms based on data relational models is a common and known idea that has been discussed day by day more than before according to the popularity of agile methods in software development accompanying development of programming tools. One of the requirements of the automation methods, whether in commercial products or the relevant research projects, ...
متن کاملMultimedia Forensics Is Not Computer Forensics
The recent popularity of research on topics of multimedia forensics justifies reflections on the definition of the field. This paper devises an ontology that structures forensic disciplines by their primary domain of evidence. In this sense, both multimedia forensics and computer forensics belong to the class of digital forensics, but they differ notably in the underlying observer model that de...
متن کامل