Abstract
When a forensic investigation is carried out in the enterprise environment, most of the important data is stored in database servers, and data stored in them are very important elements for a forensic investigation. As for database servers with such data stored, there are over 10 various kinds, such as SQL Server, Mysql and Oracle. All the methods of investigating a database system are important, but this study suggests a single methodology likely to investigate all the database systems while considering the common characteristics of database system. A method of detecting a server, data acquiring and investigating data in the server can be usefully used for such an investigation in the enterprise environment. Therefore, such a methodology will be explained through a way of carrying out a forensic investigation on SQL Server Database of Microsoft Corporation.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Miklau, G., Levine, B., Stahlberg, P.: Securing history: Privacy and accountability in database systems, http://www.cs.umass.edu/~miklau/pubs/cidr2007/miklau07securing.pdf
Pavlou, K.E., Snodgrass, R.T.: Forensic analysis of database tampering. ACM Transaction on Database Systems 33 (November 2008)
Lee, K., Choi, J., Lim, K., Lee, S., Lee, S.: Novel methodologies to detect covert databases. ICIC International 6, 1–10 (2010)
Han, J., Lee, K., Choi, J., Lim, K., Lee, S.: Analysis of Connection Information for Database Server Detection. IEEE Computer & Science 2, 550–554 (2010)
Jeon, S., Bang, J., Byun, K., Lee, S.: Recovery Method of Deleted Record for SQLite Database. In: WCC 2010, vol. 3, pp. 64–71 (December 2010)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Son, N., Lee, Kg., Jeon, S., Chung, H., Lee, S., Lee, C. (2011). The Method of Database Server Detection and Investigation in the Enterprise Environment. In: Park, J.J., Lopez, J., Yeo, SS., Shon, T., Taniar, D. (eds) Secure and Trust Computing, Data Management and Applications. STA 2011. Communications in Computer and Information Science, vol 186. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22339-6_20
Download citation
DOI: https://doi.org/10.1007/978-3-642-22339-6_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22338-9
Online ISBN: 978-3-642-22339-6
eBook Packages: Computer ScienceComputer Science (R0)