Database Application Schema Forensics

Beyers, Hector; Olivier, Martin S.; Hancke, Gerhard P.

doi:10.18489/sacj.v55i0.188

Cited by 5 publications

(6 citation statements)

References 8 publications

(12 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Several studies have argued that database security models might fail when applied [6][7][8][9][10][11]. DBMSs differ greatly in terms of functionality, which may explain this failure.…”

Section: Related Workmentioning

confidence: 99%

“…However, this model could not detect when tampering occurred, which data were altered, and the identity of the attacker, as it was not able to analyze intruder activities. In [7], a model was introduced to investigate compromised databases by involving two examination processes: identification and collection. In [27], a method was presented to collect, preserve, and analyze database metadata to prevent attacks on databases using four investigation processes: collecting and preserving evidence, analyzing anti-forensic attacks, analyzing database attacks, and preserving evidence reports.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Digital Forensics Readiness Framework (DFRF) to Secure Database Systems

Albugmi

2024

Eng. Technol. Appl. Sci. Res.

View full text Add to dashboard Cite

Database systems play a significant role in structuring, organizing, and managing data of organizations. In this regard, the key challenge is how to protect the confidentiality, integrity, and availability of database systems against attacks launched from within and outside an organization. To resolve this challenge, different database security techniques and mechanisms, which generally involve access control, database monitoring, data encryption, database backups, and strong passwords have been proposed. These techniques and mechanisms have been developed for certain purposes but fall short of many industrial expectations. This study used the design science research method to recommend a new Digital Forensic Readiness Framework, named DFRF, to secure database systems. DFRF involves risk assessments, data classification, database firewalls, data encryption, strong password policies, database monitoring and logging, data backups and recovery, incident response plans, forensic readiness, as well as education and awareness. The proposed framework not only identifies threats and responds to them more effectively than existing models, but also helps organizations stay fully compliant with regulatory requirements and improve their security. The design of the suggested framework was compared with existing models, confirming its superiority.

show abstract

“…Several studies have argued that database security models might fail when applied [6][7][8][9][10][11]. DBMSs differ greatly in terms of functionality, which may explain this failure.…”

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Digital Forensics Readiness Framework (DFRF) to Secure Database Systems

Albugmi

2024

Eng. Technol. Appl. Sci. Res.

View full text Add to dashboard Cite

show abstract

“…For example, in a System and Method for Investigating a Data Operation Performed on a Database [ 23 ], the terminology ‘ Reconstructing Database’ is used to reconstruct the database events from logs and memory caches. The same activity, however, is represented using ‘ Rebuilding’ in the Database Application Schema Forensics Model [ 29 ]. A specific domain modelling language expressed as a metamodel can offer an alternative and better approach towards resolving this type of problem.…”

Section: 0 Backgrounds and Related Workmentioning

confidence: 99%

“…Additionally, Litchfield offered series of technical models [ 25 , 34 – 39 ] to deal with several specific incidents, cases and scenarios of Oracle database. Furthermore, several studies such as [ 1 – 3 , 22 , 24 , 26 , 27 , 29 , 40 – 66 ], discussed Database Forensic from technology perspectives. For example, methods to detect database tampering, detect covert database server, discovering who is criminal, when crime happen, what and where crime happen, protect evidence methods, acquisition methods, analysis methods, forensic analysis algorithms, etc.…”

Section: 0 Backgrounds and Related Workmentioning

confidence: 99%

Development and validation of a Database Forensic Metamodel (DBFM)

et al. 2017

View full text Add to dashboard Cite

Database Forensics (DBF) is a widespread area of knowledge. It has many complex features and is well known amongst database investigators and practitioners. Several models and frameworks have been created specifically to allow knowledge-sharing and effective DBF activities. However, these are often narrow in focus and address specified database incident types. We have analysed 60 such models in an attempt to uncover how numerous DBF activities are really public even when the actions vary. We then generate a unified abstract view of DBF in the form of a metamodel. We identified, extracted, and proposed a common concept and reconciled concept definitions to propose a metamodel. We have applied a metamodelling process to guarantee that this metamodel is comprehensive and consistent.

show abstract

“…At this point, one of the methodological weaknesses in the current meta-theory of digital forensics has been reached. Whereas the word "hypothesis" is already in wide use (see, e.g., [2]), it is mainly used in an undifferentiated and science-philosophically unreflected manner. This suggests that users of the concept are largely unaware of the many different classes of empirical hypotheses.…”

Section: Motivationmentioning

confidence: 99%

Notions of Hypothesis in Digital Forensics

Tewelde¹,

Grüner²,

Olivier³

2015

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

With the growing scientification of the discipline of digital forensics, the notion of "scientific hypothesis" is becoming increasingly important, because all empirical science is hypothetical, not apodictic. Although the word "hypothesis" is used widely in the digital forensics literature, its usage is not sufficiently reflected from a philosophy of science point of view. This chapter discusses this problem with particular reference to Carrier's methodological work in which the notion of hypothesis plays a prominent role.

show abstract

Database Application Schema Forensics

Cited by 5 publications

References 8 publications

Digital Forensics Readiness Framework (DFRF) to Secure Database Systems

Digital Forensics Readiness Framework (DFRF) to Secure Database Systems

Development and validation of a Database Forensic Metamodel (DBFM)

Notions of Hypothesis in Digital Forensics

Contact Info

Product

Resources

About