Abstract
Database Forensics (DBF) is a widespread area of knowledge. It has many complex features and is well known amongst database investigators and practitioners. Several models and frameworks have been created specifically to allow knowledge-sharing and effective DBF activities. However, these are often narrow in focus and address specified database incident types. We have analysed 60 such models in an attempt to uncover how numerous DBF activities are really public even when the actions vary. We then generate a unified abstract view of DBF in the form of a metamodel. We identified, extracted, and proposed a common concept and reconciled concept definitions to propose a metamodel. We have applied a metamodelling process to guarantee that this metamodel is comprehensive and consistent.
Highlights
Database Forensics (DBF) is a field of digital forensic investigation that addresses database contents and their metadata [1]
Identification is a process in which Database Forensics identifies entire resources that may be used for investigative purposes
In almost all DBF models observed, we found the existence of InvestigationTeam during most of the Database Forensic models
Summary
Database Forensics (DBF) is a field of digital forensic investigation that addresses database contents and their metadata [1]. The issues of different concepts and terminologies in terms of the forensic investigation process and the scattering of domain knowledge in all directions have produced other challenges for DBF investigators and practitioners This knowledge (such as models, processes, techniques, tools, frameworks, methods, activities, approaches, and algorithms) is neither organized nor structured. DBF domain has been discussed from three perspectives: i) Database Forensic Dimensions -based (e.g., destroyed, compromised, and changed); ii) Database Forensic Technology-based (e.g., tools, algorithms, and methods); and iii) Database Forensic Investigation Process-based (e.g., Identification, Artefact collection, Artefact analysis, Documentation and Presentation). A survey of the DBF field/domain is first conducted by studying the huge amount of existing DBF models, frameworks, methods, approaches and techniques from three perspectives (60 in total) This gives us a broad knowledge of DBF actions, activities, and operations. To create the DBFM, we used the 8 steps Metamodelling Creation Process adapted from [87,88], which is described below
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.