Novel Methodologies to Detect Covert Databases
نویسندگان
چکیده
Companies have substituted paper based systems with IT systems, such as DBMS (Database Management System), EDMS (Electronic Document Management System), and ERP (Enterprise Resource Planning) system. We should focus our attention on discovering sensitive information in a database server, since the majority of corporations use DBMS. However, concealment is difficult to observe and detect, because perpetrators do their best to hide their illegal activities. In particular, we need to consider the case of a covert database server. This paper proposes methodologies to detect covert database servers that would be helpful to forensic investigators. Therefore, we describe an example of a covert database server and suggest several detection techniques. Finally, we provide an investigation scenario that applies our methodology in the real world.
منابع مشابه
غربالگری میکروارگانیسم های جدید و ژن های مفید آنها: از روش های سنتی تا متاژنومیکس
Metagenomics is a discipline that enables the genomic study of unculturaled microorganisms. Microorganisms constitute two third of the Earth’s biological diversity. In many environments, 99% of the microorganisms cannot be cultured by standard techniques. Culture-independent methods are required to study the genetic diversity, population structure and ecological roles of the majority of o...
متن کاملAn Effective Covert Timing Channels Detection: Support Vector Machine & Hyperbolic Hopfield Neural Network
A network covert channel is a mechanism that can be used to leak information across a network in violation of a security policy and in a manner that can be difficult to detect. Detecting and preventing covert channels is particularly important for multilevel security systems in which processes working with classified information may leak information to processes with a lower classification leve...
متن کاملA novel covert channel based on the IP header record route option
In this paper we propose a novel covert channel for exchanging secret information, based on the IP header record route options. Instead of encrypting a secret message or embedding it into a multimedia object, as in traditional steganography, we process the entire message and generate several IP packets with different types to carry the secret information. Thereby we foil an eavesdropper who is ...
متن کاملCovert Channel Analysis and Detection using Reverse Proxy Servers
Data hiding methods can be used by intruders to communicate over open data channels (Wolf 1989; McHugh 1995; deVivo, deVivo et al. 1999), and can be used to overcome firewalls, and most other forms of network intrusion detection systems. In fact, most detection systems can detect hidden data in the payload, but struggle to cope with data hidden in the IP and TCP packet headers, or in the sessio...
متن کاملCovert Channel Analysis and Detection with Reverse Proxy Servers using Microsoft Windows
Data hiding methods can be used by intruders to communicate over open data channels (Wolf 1989; McHugh 1995; deVivo, deVivo et al. 1999), and can be used to overcome firewalls, and most other forms of network intrusion detection systems. In fact, most detection systems can detect hidden data in the payload, but struggle to cope with data hidden in the IP and TCP packet headers, or in the sessio...
متن کامل