H. Beyers, M. S. Olivier, and G. P. Hancke. “Assembling the Metadata for a Database Forensic Examination”. In: Advances in Digital Forensics VII. Ed. by G. Peterson and S. Shenoi. Springer, 2011, pp. 89–99
Since information is often a primary target in a computer crime, organizations that store their information in database management systems (DBMSs) must develop a capability to perform database forensics. This paper describes a database forensic method that transforms a DBMS into the required state for a database forensic investigation. The method segments a DBMS into four abstract layers that separate the various levels of DBMS metadata and data. A forensic investigator can then analyze each layer for evidence of malicious activity. Tests performed on a compromised PostgreSQL DBMS demonstrate that the segmentation method provides a means for extracting the compromised DBMS components.
The definitive version of the paper is available from the publisher.
DOI: 10.1007/978-3-642-24212-0_7
@inproceedings(dbmeta,
author={Hector Beyers and Martin S Olivier and Gerhard P Hancke},
title={Assembling the Metadata for a Database Forensic
Examination},
booktitle={Advances in Digital Forensics {VII}},
editor={Gilbert Peterson and Sujeet Shenoi},
publisher={Springer},
year={2011},
pages={89--99} )
[Publications] [Home]
Page maintained by Martin Olivier
Record refreshed: October 31, 2019