Al-Dhaqm, Arafat Mohammed Rashad (2019) Simplified database forensic investigation using metamodeling approach. PhD thesis, Universiti Teknologi Malaysia, Faculty of Engineering - School of Computing.
|
PDF
1MB |
Official URL: http://dms.library.utm.my:8080/vital/access/manage...
Abstract
Database Forensic Investigation (DBFI) domain is a significant field used to identify, collect, preserve, reconstruct, analyze and document database incidents. However, it is a heterogeneous, complex, and ambiguous domain due to the variety and multidimensional nature of database systems. Numerous specific DBFI models and frameworks have been proposed to solve specific database scenarios but there is a lack of structured and unified frameworks to facilitate managing, sharing and reusing of DBFI tasks and activities. Thus, this research developed a DBFI Metamodel (DBFIM) to structure and organize DBFI domain. A Design Science Research Methodology (DSRM) to provide a logical, testable and communicable metamodel was applied in this study. In this methodology, the steps included problem identification, define objectives, design and development, demonstration and evaluation, and communication. The outcome of this study is a DBFIM developed for structuring and organizing DBFI domain knowledge that facilitates the managing, sharing and reusing of DBFI domain knowledge among domain practitioners. DBFIM identifies, recognizes, extracts and matches different DBFI processes, concepts, activities, and tasks from different DBFI models into a developed metamodel, thus, allowing domain practitioners to derive/instantiate solution models easily. The DBFIM was validated using qualitative techniques: comparison against other models; face validity (domain experts); and case study. Comparisons against other models and face validity were applied to ensure completeness, logicalness, and usefulness of DBFIM against other DBFI domain models. Following this, two case studies were selected and implemented to demonstrate the applicability and effectiveness of the DBFIM in the DBFI domain using a DBFIM Prototype (DBFIMP). The results showed that DBFIMP allowed domain practitioners to create their solution models easily based on their requirements.
Item Type: | Thesis (PhD) |
---|---|
Uncontrolled Keywords: | Database Forensic Investigation (DBFI), DBFIM, domain knowledge |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
Divisions: | Computing |
ID Code: | 98147 |
Deposited By: | Yanti Mohd Shah |
Deposited On: | 14 Nov 2022 10:22 |
Last Modified: | 14 Nov 2022 10:22 |
Repository Staff Only: item control page