Digital Evidence for Database Tamper Detection  

作　　者：Shweta Tripathi Bandu Baburao Meshram 

机构地区：[1]Department of Computer Engineering, Fr. Agnel Institute of Technology, Navi Mumbai, India [2]Head Department of Computer Technology, Veermata Jijabai Technological Institute, Mumbai, India

出　　处：《Journal of Information Security》2012年第2期113-121,共9页信息安全（英文）

摘　　要：Most secure database is the one you know the most. Tamper detection compares the past and present status of the system and produces digital evidence for forensic analysis. Our focus is on different methods or identification of different locations in an oracle database for collecting the digital evidence for database tamper detection. Starting with the basics of oracle architecture, continuing with the basic steps of forensic analysis the paper elaborates the extraction of suspicious locations in oracle. As a forensic examiner, collecting digital evidence in a database is a key factor. Planned and a modelled way of examination will lead to a valid detection. Based on the literature survey conducted on different aspects of collecting digital evidence for database tamper detection, the paper proposes a block diagram which may guide a database forensic examiner to obtain the evidences.Most secure database is the one you know the most. Tamper detection compares the past and present status of the system and produces digital evidence for forensic analysis. Our focus is on different methods or identification of different locations in an oracle database for collecting the digital evidence for database tamper detection. Starting with the basics of oracle architecture, continuing with the basic steps of forensic analysis the paper elaborates the extraction of suspicious locations in oracle. As a forensic examiner, collecting digital evidence in a database is a key factor. Planned and a modelled way of examination will lead to a valid detection. Based on the literature survey conducted on different aspects of collecting digital evidence for database tamper detection, the paper proposes a block diagram which may guide a database forensic examiner to obtain the evidences.

关 键 词：TAMPER Detection LOG FILES FORENSICS ORACLE DATABASE 

分 类 号：TP3[自动化与计算机技术—计算机科学与技术]