Universiti Teknologi Malaysia Institutional Repository

A generic database forensic investigation process model

Al-Dhaqm, Arafat and Abd. Razak, Shukor and Othman, Siti Hajar and Nagdi, Asri and Ali, Abdulalem (2016) A generic database forensic investigation process model. Jurnal Teknologi, 78 (6-11). pp. 45-57. ISSN 0127=9696

[img]
Preview
PDF
703kB

Official URL: https://www.scopus.com/inward/record.uri?eid=2-s2....

Abstract

Database Forensic investigation is a domain which deals with database contents and their metadata to reveal malicious activities on database systems. Even though it is still new, but due to the overwhelming challenges and issues in the domain, this makes database forensic become a fast growing and much sought after research area. Based on observations made, we found that database forensic suffers from having a common standard which could unify knowledge of the domain. Therefore, through this paper, we present the use of Design Science Research (DSR) as a research methodology to develop a Generic Database Forensic Investigation Process Model (DBFIPM). From the creation of DBFIPM, five common forensic investigation processes have been proposed namely, the i) identification, ii) collection, iii) preservation, iv) analysis and v) presentation process. From the DBFIPM, it allows the reconciliation of concepts and terminologies of all common databases forensic investigation processes. Thus, this will potentially facilitate the sharing of knowledge on database forensic investigation among domain stakeholders.

Item Type:Article
Uncontrolled Keywords:Database forensic, Digital forensic
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computer Science and Information System (Formerly known)
ID Code:71404
Deposited By: Siti Nor Hashidah Zakaria
Deposited On:21 Nov 2017 11:28
Last Modified:21 Nov 2017 11:28

Repository Staff Only: item control page