TY - GEN
T1 - The method of database server detection and investigation in the enterprise environment
AU - Son, Namheun
AU - Lee, Keun Gi
AU - Jeon, Sangjun
AU - Chung, Hyunji
AU - Lee, Sangjin
AU - Lee, Changhoon
PY - 2011
Y1 - 2011
N2 - When a forensic investigation is carried out in the enterprise environment, most of the important data is stored in database servers, and data stored in them are very important elements for a forensic investigation. As for database servers with such data stored, there are over 10 various kinds, such as SQL Server, Mysql and Oracle. All the methods of investigating a database system are important, but this study suggests a single methodology likely to investigate all the database systems while considering the common characteristics of database system. A method of detecting a server, data acquiring and investigating data in the server can be usefully used for such an investigation in the enterprise environment. Therefore, such a methodology will be explained through a way of carrying out a forensic investigation on SQL Server Database of Microsoft Corporation.
AB - When a forensic investigation is carried out in the enterprise environment, most of the important data is stored in database servers, and data stored in them are very important elements for a forensic investigation. As for database servers with such data stored, there are over 10 various kinds, such as SQL Server, Mysql and Oracle. All the methods of investigating a database system are important, but this study suggests a single methodology likely to investigate all the database systems while considering the common characteristics of database system. A method of detecting a server, data acquiring and investigating data in the server can be usefully used for such an investigation in the enterprise environment. Therefore, such a methodology will be explained through a way of carrying out a forensic investigation on SQL Server Database of Microsoft Corporation.
KW - database server
KW - enterprise
KW - forensic
KW - network topology
UR - http://www.scopus.com/inward/record.url?scp=79960138619&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-22339-6_20
DO - 10.1007/978-3-642-22339-6_20
M3 - Conference contribution
AN - SCOPUS:79960138619
SN - 9783642223389
T3 - Communications in Computer and Information Science
SP - 164
EP - 171
BT - Secure and Trust Computing, Data Management, and Applications - 8th FTRA International Conference, STA 2011, Proceedings
T2 - 8th FTRA International Conference on Secure and Trust Computing, Data Management, and Application, STA 2011
Y2 - 28 June 2011 through 30 June 2011
ER -