ABSTRACT
At the user or surface level, most Database Management System (DBMS) are similar. Most databases contain multiple tables, a standardized query language, primary key, foreign key, referential integrity, and metadata. With regard to physical file structures, concurrency mechanisms, security mechanisms, query optimization and datawarehouse techniques, databases may be radically different from each other. Most Forensic tools are too time consuming to be applied to large databases. Meanwhile, database tools such as oracle logminer and auditing features can assist in forensics, but were not created for that purpose. Many of these tools alter the database in ways that may complicate the use of their results in a legal proceeding. This paper analyzes the challenges of digital forensics, related literature, topics involved, current options for performing forensics on databases as well as considerations in teaching database forensics.
- Betjlich, Richard, Proactive vs Reactive Security, TaoSecurity, Retrieved on August 1, 2010 from http://taosecurity.blogspot.com/2007/03/proactive-vs-reactive-security.htmlGoogle Scholar
- Kroenke, David M., Database Concepts 4th edition, ISBN 0136086535, Prentice Hall, 2009.Google Scholar
- Litchfield, David (2008) - Oracle Forensics Analysis Using the Forensic Examiners Database Scalpel (FEDS) Tool, ISBN:9780470191187, Wiley, 2008.Google Scholar
- Pete Finnigan (2004) -- Oracle Forensics module -- SANS training, Retrieved on July 1, 2010 from http://www.petefinnigan.com/Oracle_Forensics.pdfGoogle Scholar
- Wright, Paul, Oracle Forensics: -- ISBN-10-0977671526., Rampant Techpress, 2010.Google Scholar
- Litchfield, David, Oracle Security, Retrieved on July 1, 2010 from http://www.databasesecurity.com/oracle-forensics.htmGoogle Scholar
- Litchfield, David, MS SQL Server Security, Retrieved on July 1, 2010 from http://www.databasesecurity.com/sql-server-forensics.htm Google ScholarDigital Library
- Litchfield, David, Oracle Security, DB2 Security, Retrieved on July 1, 2010 from http://www.databasesecurity.com/db2.htmGoogle Scholar
- Litchfield, David, Oracle Security, Informix Security, Retrieved on July 1, 2010 from http://www.databasesecurity.com/informix.htmGoogle Scholar
- Litchfield, David, Oracle Security, Postgres Security, Retrieved on July 1, 2010 from http://www.databasesecurity.com/postgresql.htmGoogle Scholar
- Oracle Forensics in a Nutshell, Retrieved on July 2, 2010 from http://www.oracleforensics.com/wordpress/wp-content/uploads/2007/03/OracleForensicsInANutshell.pdfGoogle Scholar
- Stahlberg, P., Miklau, G. and Levine, N. B., Threats to Privacy in the Forensic Analysis of Database Systems, ACM-SIGMOD, 07, June 12--14, 2007, Beijing, China Google ScholarDigital Library
- Pavlou, K. E. and Snodgrass, R. T. 2008. Forensic analysis of database tampering. ACM Trans. Datab. Syst. 33, 4, Article 30 (November 2008), 47 pages. DOI = 10.1145/1412331.1412342 http://doi.acm.org/10.1145/1412331.1412342 Google ScholarDigital Library
Index Terms
- Database forensics
Recommendations
Teaching database security and auditing
SIGCSE '09Hands-on laboratory experiences are essential critical for students to understand concepts and gain real-world insights in database security and auditing. We are developing a set of hands-on labs to integrate theories of database security into ...
Teaching database security and auditing
SIGCSE '09: Proceedings of the 40th ACM technical symposium on Computer science educationHands-on laboratory experiences are essential critical for students to understand concepts and gain real-world insights in database security and auditing. We are developing a set of hands-on labs to integrate theories of database security into ...
Database and database application security
ITiCSE '09This paper focuses on the emerging importance of database and application security, textbooks and other supplementary materials to teach these topics and where to place these topics in a curriculum. The paper emphasizes 1) the growing concerns of ...
Comments