Exploring the Intersection between Databases and Digital Forensics

Authors

  • Danilo B. Seufitelli Universidade Federal de Minas Gerais
  • Michele A. Brandão Universidade Federal de Minas Gerais / Instituto Federal de Minas Gerais
  • Mirella M. Moro Universidade Federal de Minas Gerais

DOI:

https://doi.org/10.5753/jidm.2022.2524

Keywords:

Databases, Digital Forensic, Survey

Abstract

Digital forensics has attracted attention from assorted researchers, who primarily work on predicting and solving digital hacks and crimes. In turn, the number and types of digital crimes have increased considerably, mainly due to the growing use of digital media to perform daily personal and professional tasks. Like most computer-related activities, data is at the center of such hacks and crimes. Hence, this work presents a systematic literature review of publications at the intersection between Digital Forensics and Databases. We discuss problems and trends of two main categories: Data Building and Database Management Systems. Overall, this research opens the doors for the communication between databases and an area with several exciting and concrete challenges, with great potential for social, economic, and technical-scientific contributions.

Published

2022-09-21

How to Cite

B. Seufitelli, D., A. Brandão, M., & Moro, M. M. (2022). Exploring the Intersection between Databases and Digital Forensics. Journal of Information and Data Management, 13(3). https://doi.org/10.5753/jidm.2022.2524

Issue

Section

SBBD 2021 Short papers - Extended papers