http://dx.doi.org/10.3745/KTCCS.2016.5.5.117

Digital Forensics Investigation of Redis Database  

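Choi, Jae Mun (Department of Cyber Defense, Korea University)
Jeong, Doo Won (Department of Information Security, Korea University)
Yoon, Jong Seong (Department of Information Security, Korea University)
Lee, Sang Jin (Korea University)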
Publication Information
KIPS Transactions on Computer and Communication Systems / v.5, no.5, 2016, pp. 117-126
Abstract
The growing use of Big Data and Social Network Services has recently increased demand for NoSQL databases, which overcome the limitations of existing relational databases. Forensic examination of relational databases has been researched steadily in the field of digital forensics. In contrast, forensic examination of NoSQL databases has rarely been studied. In this paper, we introduce Redis, a key-value store NoSQL database, study the collection and analysis of its forensic artifacts, and propose a recovery method for deleted data. We also developed a recovery tool to verify our recovery algorithm.
Keywords
NoSQL; Redis; Database Forensic; Digital Forensic;
Citations & Related Records
Times Cited By KSCI: 3