Assembling Metadata for Database Forensics
Saved in:
| Title: | Assembling Metadata for Database Forensics |
|---|---|
| Authors: | Beyers, Hector, Olivier, Martin, Hancke, Gerhard |
| Contributors: | University of Pretoria South Africa, Dimension Data Johannesburg, Gilbert Peterson, Sujeet Shenoi, TC 11, WG 11.9 |
| Source: | IFIP Advances in Information and Communication Technology ; 7th Digital Forensics (DF) ; https://inria.hal.science/hal-01569562 ; 7th Digital Forensics (DF), Jan 2011, Orlando, FL, United States. pp.89-99, ⟨10.1007/978-3-642-24212-0_7⟩ |
| Publisher Information: | CCSD Springer |
| Publication Year: | 2011 |
| Subject Terms: | Database forensics, metadata, data model, application schema, [INFO]Computer Science [cs] |
| Subject Geographic: | Orlando, FL, United States |
| Description: | Part 2: FORENSIC TECHNIQUES ; International audience ; Since information is often a primary target in a computer crime, organizations that store their information in database management systems (DBMSs) must develop a capability to perform database forensics. This paper describes a database forensic method that transforms a DBMS into the required state for a database forensic investigation. The method segments a DBMS into four abstract layers that separate the various levels of DBMS metadata and data. A forensic investigator can then analyze each layer for evidence of malicious activity. Tests performed on a compromised PostgreSQL DBMS demonstrate that the segmentation method provides a means for extracting the compromised DBMS components. |
| Document Type: | conference object |
| Language: | English |
| DOI: | 10.1007/978-3-642-24212-0_7 |
| Availability: | https://inria.hal.science/hal-01569562 https://inria.hal.science/hal-01569562v1/document https://inria.hal.science/hal-01569562v1/file/978-3-642-24212-0_7_Chapter.pdf https://doi.org/10.1007/978-3-642-24212-0_7 |
| Rights: | http://creativecommons.org/licenses/by/ ; info:eu-repo/semantics/OpenAccess |
| Accession Number: | edsbas.470648DC |
| Database: | BASE |
Nájsť tento článok vo Web of Science | Abstract: | Part 2: FORENSIC TECHNIQUES ; International audience ; Since information is often a primary target in a computer crime, organizations that store their information in database management systems (DBMSs) must develop a capability to perform database forensics. This paper describes a database forensic method that transforms a DBMS into the required state for a database forensic investigation. The method segments a DBMS into four abstract layers that separate the various levels of DBMS metadata and data. A forensic investigator can then analyze each layer for evidence of malicious activity. Tests performed on a compromised PostgreSQL DBMS demonstrate that the segmentation method provides a means for extracting the compromised DBMS components. |
|---|---|
| DOI: | 10.1007/978-3-642-24212-0_7 |