Browser unable to execute script; please use the site map to navigate the site.

Arguments and Methods for Database Data Model Forensics

Beyers, Olivier, and Hancke

2012

(Citation)Citation information

H. Q. Beyers, M. S. Olivier, and G. P. Hancke. “Arguments and Methods for Database Data Model Forensics”. In: Seventh International Workshop on Digital Forensics & Incident Analysis (WDFIA). Hersonissos, Crete, Greece, June 2012, pp. 139–149

(Abstract)Abstract

A Database Management System (DBMS) consists of metadata and data. The metadata influences the way the data is presented to the user and this presents various forensic complications. The data model can be viewed as the highest level of metadata which governs the way other metadata and data in the DBMS are presented to the user. The data model can be modified to hide or tamper with forensic evidence. In this study the focus is on the data model of the DBMS and arguments are provided to indicate why the data model is an important consideration when conducting a forensic investigation on a DBMS. Various methods are presented to transform the data model into a desired state for a forensic investigation and these methods are measured against set out criteria. No one method is adequate for every forensic investigation. A forensic investigator should understand the various methods and select the correct data model state and method to convert the data model into that required state.

(BibTeX record)BibTeX reference

@inproceedings(dmf,
author={Hector Q. Beyers and Martin S. Olivier and Gerhard P. Hancke},
title={Arguments and Methods for Database Data Model Forensics},
booktitle={Seventh International Workshop on Digital Forensics & Incident Analysis (WDFIA)},
address = {Hersonissos, Crete, Greece},
year={2012},
month=jun,
pages={139--149})