The method of database server detection and investigation in the enterprise environment

Namheun Son, Keun Gi Lee, Sangjun Jeon, Hyunji Chung, Sangjin Lee, Changhoon Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

16 Citations (Scopus)

Abstract

When a forensic investigation is carried out in the enterprise environment, most of the important data is stored in database servers, and data stored in them are very important elements for a forensic investigation. As for database servers with such data stored, there are over 10 various kinds, such as SQL Server, Mysql and Oracle. All the methods of investigating a database system are important, but this study suggests a single methodology likely to investigate all the database systems while considering the common characteristics of database system. A method of detecting a server, data acquiring and investigating data in the server can be usefully used for such an investigation in the enterprise environment. Therefore, such a methodology will be explained through a way of carrying out a forensic investigation on SQL Server Database of Microsoft Corporation.

Original languageEnglish
Title of host publicationSecure and Trust Computing, Data Management, and Applications - 8th FTRA International Conference, STA 2011, Proceedings
Pages164-171
Number of pages8
DOIs
Publication statusPublished - 2011
Event8th FTRA International Conference on Secure and Trust Computing, Data Management, and Application, STA 2011 - Loutraki, Greece
Duration: 2011 Jun 282011 Jun 30

Publication series

NameCommunications in Computer and Information Science
Volume186 CCIS
ISSN (Print)1865-0929

Other

Other8th FTRA International Conference on Secure and Trust Computing, Data Management, and Application, STA 2011
Country/TerritoryGreece
CityLoutraki
Period11/6/2811/6/30

Keywords

  • database server
  • enterprise
  • forensic
  • network topology

ASJC Scopus subject areas

  • General Computer Science
  • General Mathematics

Fingerprint

Dive into the research topics of 'The method of database server detection and investigation in the enterprise environment'. Together they form a unique fingerprint.

Cite this