Forensic Analysis of Databases by Combining Multiple Evidences
Journal: INTERNATIONAL JOURNAL OF COMPUTERS & TECHNOLOGY (Vol.7, No. 3)
Publication Date: 2013-01-01
Authors : Harmeet Khanuja; D.S. Adane;
Page : 654-663
Keywords : Database Forensics; Dempster-Shafer theory; Artifacts; Transactions; Initial Belief;
Abstract
Securing enterprise databases from internal and external attacks and violations of mutual policy is an interminable struggle. With the growing number of attacks and frauds, organizations are finding it difficult to meet various regulatory compliance requirements such as SOX, HIPAA, and state privacy laws. The aim here is to develop a methodology which monitors database transactions on a continuous basis and decides whether they are legitimate or suspicious by combining the multiple evidences gathered. The suspicious transactions can then be used for forensic analysis to reconstruct the illegal activity carried out in an organization. This can be achieved by incorporating information accountability in the Database Management System. Information accountability means that information usage should be transparent, so that it is possible to determine whether a use is appropriate under a given set of rules. We focus on effective information accountability of data stored in high-performance databases through database forensics, which collects and analyses database transactions gathered from various sources and artifacts, such as the data cache, log files, and error logs, that have volatile or non-volatile characteristics within high-performance databases. The information and multiple evidences collected are then analyzed using an Extended Dempster-Shafer theory (EDST). It combines multiple such evidences, and an initial belief is computed for suspected transactions, which can be further used for reconstructing the activity in the database forensics process.
Last modified: 2016-06-29 19:32:55