Towards adapting metamodelling technique for database forensics investigation domain

Threats which come from database insiders or database outsiders have formed a big challenge to the protection of integrity and confidentiality in many database systems. To overcome this situation a new domain called a Database Forensic (DBF) has been introduced to specifically investigate these dynamic threats which have posed many problems in Database Management Systems (DBMS) of many organizations. DBF is a process to identify, collect, preserve, analyse, reconstruct and document all digital evidences caused by this challenge. However, until today, this domain is still lacks having a standard and generic knowledge base for its forensic investigation methods / tools due to many issues and challenges in its complex processes. Therefore, this paper will reveal an approach adapted from a software engineering domain called metamodelling which will unify these DBF complex knowledge processes into an artifact, a metamodel (DBF Metamodel). In future, the DBF Metamodel could benefit many DBF investigation users such as database investigators, stockholders, and other forensic teams in offering various possible solutions for their problem domain.

[1]  Huwida E. Said,et al.  Database forensics , 2010, InfoSecCD.

[2]  Kevvie Fowler SQL Server Forensic Analysis , 2008 .

[3]  Martin S. Olivier,et al.  On metadata context in Database Forensics , 2009, Digit. Investig..

[4]  Harmeet Kaur Khanuja,et al.  AFRAMEWORK FOR DATABASE FORENSIC AN ALYSIS , 2012 .

[5]  Harmeet Kaur Khanuja,et al.  Database Security Threats and Challenges in Database Forensic: A Survey , 2011 .

[6]  Rojesh Susaimanickam,et al.  A workflow to support forensic database analysis , 2012 .

[7]  Ghassan Beydoun,et al.  DM model transformations framework , 2013 .

[8]  Shweta Tripathi,et al.  Digital Evidence for Database Tamper Detection , 2012, J. Information Security.

[9]  Md. Asri Ngadi,et al.  Detection and Prevention of Malicious Activities on RDBMS Relational Database Management Systems , 2012 .

[10]  Siti Hajar Othman Managing a complexity of physical Security Knowledge through a physical security metamodel , 2013 .

[11]  Martin S. Olivier,et al.  Reconstruction in Database Forensics , 2012, IFIP Int. Conf. Digital Forensics.

[12]  Sangjin Lee,et al.  The Method of Database Server Detection and Investigation in the Enterprise Environment , 2011, STA.

[13]  Michael K. Danquah,et al.  The quintessential research world is progressively interdisciplinary , 2012 .

[14]  Ghassan Beydoun,et al.  Development and validation of a Disaster Management Metamodel (DMM) , 2014, Inf. Process. Manag..

[15]  Harmeet Kaur Khanuja,et al.  Forensic Analysis of Databases by Combining Multiple Evidences , 2013, BIOINFORMATICS 2013.