Article code: 457825
Journal code: 696051
Publication year: 2014
English article: 13-page PDF
Full-text version: Free download
English title of the ISI article
Towards a forensic-aware database solution: Using a secured database replication protocol and transaction management for digital investigations
Persian translation of the title
Towards a forensic-aware database solution: using a secure database replication protocol and transaction management for digital investigations
Related topics
Engineering and Basic Sciences, Computer Engineering, Computer Networks and Communications
English abstract

Databases contain an enormous amount of structured data. While the use of forensic analysis on the file system level for creating (partial) timelines, recovering deleted data and revealing concealed activities is very popular and multiple forensic toolsets exist, the systematic analysis of database management systems has only recently begun. Databases contain a large amount of temporary data files and metadata which are used by internal mechanisms. These data structures are maintained in order to ensure transaction authenticity, to perform rollbacks, or to set back the database to a predefined earlier state in case of e.g. an inconsistent state or a hardware failure. However, these data structures are intended to be used by the internal system methods only and are in general not human-readable.

In this work we present a novel approach for a forensic-aware database management system using transaction and replication sources. We use these internal data structures as a vital baseline to reconstruct evidence during a forensic investigation. The overall benefit of our method is that no additional logs (such as administrator logs) are needed. Furthermore, our approach is invariant to retroactive malicious modifications by an attacker. This assures the authenticity of the evidence and strengthens the chain of custody. To evaluate our approach, we present a formal description, a prototype implementation in MySQL and a comprehensive security evaluation with respect to the most relevant attack scenarios.

Publisher
Database: Elsevier - ScienceDirect
Journal: Digital Investigation - Volume 11, Issue 4, December 2014, Pages 336–348
Authors
, , , ,