Research article
DOI: 10.1145/1940941.1940958

Database forensics

Published: 01 October 2010

Abstract

At the user or surface level, most Database Management Systems (DBMSs) are similar. Most databases contain multiple tables, a standardized query language, primary keys, foreign keys, referential integrity, and metadata. With regard to physical file structures, concurrency mechanisms, security mechanisms, query optimization, and data warehouse techniques, however, databases may be radically different from each other. Most forensic tools are too time-consuming to be applied to large databases. Meanwhile, database tools such as Oracle LogMiner and auditing features can assist in forensics but were not created for that purpose. Many of these tools alter the database in ways that may complicate the use of their results in a legal proceeding. This paper analyzes the challenges of digital forensics, related literature, topics involved, and current options for performing forensics on databases, as well as considerations in teaching database forensics.


Published In

InfoSecCD '10: 2010 Information Security Curriculum Development Conference
October 2010
187 pages
ISBN:9781450302029
DOI:10.1145/1940941

Sponsors

  • KSU - CISE: KSU Center for InfoSec Education
  • ISSA: The Metro Atlanta Information Systems Security Association

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. auditing
  2. database security
  3. forensics

Qualifiers

  • Research-article

Acceptance Rates

Overall Acceptance Rate 18 of 23 submissions, 78%

Cited By

  • (2022) Network Forensics in the Era of Artificial Intelligence. Explainable Artificial Intelligence for Cyber Security, pp. 171-190. DOI: 10.1007/978-3-030-96630-0_8. Online publication date: 19-Apr-2022
  • (2022) Digital Forensics as a Service: Analysis for Forensic Knowledge. Cyber Security and Digital Forensics, pp. 127-162. DOI: 10.1002/9781119795667.ch7. Online publication date: 14-Jan-2022
  • (2014) Toward a General Ontology for Digital Forensic Disciplines. Journal of Forensic Sciences 59:5, pp. 1231-1241. DOI: 10.1111/1556-4029.12511. Online publication date: 16-Jun-2014
  • (2014) Towards adapting metamodelling technique for database forensics investigation domain. 2014 International Symposium on Biometrics and Security Technologies (ISBAST), pp. 322-327. DOI: 10.1109/ISBAST.2014.7013142. Online publication date: Aug-2014
  • (2013) Ficklebase. Proceedings of the 2013 IEEE International Conference on Data Engineering (ICDE 2013), pp. 86-97. DOI: 10.1109/ICDE.2013.6544816. Online publication date: 8-Apr-2013
