Browse > Article

A Database Forensics Model based on Classification by Analysis Purposes  

Kim, Sung-Hye (고려대학교 소프트웨어공학과)
Kim, Jang-Won (고려대학교 컴퓨터.전파통신공학과)
Cho, Eun-Ae (고려대학교 컴퓨터.전파통신공학과)
Baik, Doo-Kwon (고려대학교 컴퓨터.전파통신공학과)
Publication Information
Journal of KIISE:Databases / v.36, no.2, 2009 , pp. 63-72 More about this Journal
Abstract
Digital forensics refers to finding electronic evidences related to crimes. As cyber crimes are increasing daily, digital forensics for finding electronic evidences is also becoming important. At present, various aspects of digital forensics have being researched including the overall process model and analysis techniques such as network forensics, system forensics and database forensics for digital forensics. Regarding database forensics, only analysis techniques dependent on specific vendors have been suggested. And general process models and analysis techniques which can be used in various databases have not been studied. This paper proposes an integrated process model and analysis technique for database forensics. The proposed database forensics model (DFM) allows us to solve problems and analyze databases according to the situation and purpose, and to use a standard model and techniques for various database analyses. In order to test our model(DFM), we applied it to various database analyses. And we confirmed the results of our experiment that it can be applicable to acquisition in the scene as well as analysis of data relationships.
Keywords
Database Forensics; Digital Forensics; Database Security;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 Encase, http://www.encase.com
2 David Litchfield, 'Oracle Forensics Part 1: Dissecting the Redo Logs,' Technical Report, NGSSoftware Insight Security Research(NlSR), March, 2007
3 David Litchfield, 'Oracle Forensics Part 5: Finding Evidence of Data Theft in the Absence of Auditing,' Technical Report, NGSSoftware Insight Security Research(NISR), August 2007
4 Patrick Stahlberg, Gerome Miklau, Neil Levine, 'Threats to privacy in the forensic analysis of database systems,' ACM SIGMOD'07, pp.9l-102, 2007
5 Gary L Palmer, 'A Road Map for Digital Forensic Research,' Technical Report DTR-T0010-01, Digital Forensic Research Workshop(DFRWS), 2001
6 FTK, http://www.accessdata.com
7 David Litchfield, 'Oracle Forensics Part 4: Live Response,' Technical Report, NGSSoftware Insight Security Research(NISR), April 2007
8 Nicole Lang Beebe and Jan Guynes Clark, 'A hierarchical, objectives-based framework for the digital investigations process,' Digital Investigation, Vol.2, No.2, pp.l47-167, 2005   DOI   ScienceOn
9 George Mohay, Alison Anderson, Byron Collie, Oliver de Vel and Rodney McKemmish, 'Computer and Intrusion Forensics,' p. 3, Artech House, 2003
10 Felix Freiling, Heiko Mantel, 'Towards Automating Analysis in Computer Forensics,' pp.21-56, RWTH Aachen University, 2006
11 Ed Crowley, 'Computer Crime and Forensics,' http://isacahouston.org/
12 Gregory S. Miles, 'Computer Forensics: A Critical Process in your incident response plan,' BlackHat Europe Briefings, 2001. htto.z/www.blackhat.corn/
13 Venansius Baryamureeba, Florence Tushabe, 'The Enhanced Digital Investigation Process Model,' Asian Journal of Information Technology, Vol.5, No.7, pp.790-794, 2006
14 이규안, 박대우, 신용태, '포렌식 자료의 무결성 확보를 위한 수사현장의 연계관리 방법 연구', 정보과학회 논문지, 제11권, 제6호, pp.175-184, 2006   과학기술학회마을
15 Kevvie Fowler, 'SQL Server Database Forensics,' Balckhat USA briefings and training 2007. http:// www.blackhat.com/
16 David Litchfield, 'Oracle Forensics Part 6: Examining Undo Segments, Flashback and the Oracle Recycle Bin,' Technical Report, NGSSoftware Insight Security Research (NISR), August 2007
17 David Litchfield, 'Oracle Forensics Part 2: Locating Dropped Objects,' Technical Report, NGSSoftware Insight Security Research(NISR), March 2007
18 Database Forensics, http://en.wikipedia.org/wiki/ Database_Forensics