Abstract

Securing enterprise databases against internal and external attacks and violations of mutual policy is an interminable struggle. With the growing number of attacks and frauds, organizations are finding it difficult to meet various regulatory compliance requirements such as SOX, HIPAA, and state privacy laws. The aim here is to develop a methodology that monitors database transactions on a continuous basis and decides whether each transaction is legitimate or suspicious by combining multiple pieces of evidence. The suspicious transactions can then be used in forensic analysis to reconstruct the illegal activity carried out in an organization. This can be achieved by incorporating information accountability into the Database Management System. Information accountability means that information usage should be transparent, so that it is possible to determine whether a use is appropriate under a given set of rules. We focus on effective information accountability of data stored in high-performance databases through database forensics, which collects and analyses database transactions from various sources and artifacts, such as the data cache, log files, and error logs, that have volatile or non-volatile characteristics within high-performance databases. The information and evidence collected are then analyzed using an Extended Dempster-Shafer theory (EDST). It combines multiple such pieces of evidence and computes an initial belief for suspected transactions, which can then be used to reconstruct the activity in the database forensics process.

Highlights

  • Information is one of the most important assets for any organization

  • According to a computer crime and security survey conducted by the Computer Security Institute (CSI) [2] in 2011, large-scale breaches dropped dramatically while small attacks increased

  • We propose a database forensic methodology [11] that collects and analyses evidence and artifacts such as the data cache, log files, etc. in high-performance databases


Summary

INTRODUCTION

Information is one of the most important assets for any organization. It is essential to protect such an asset in order to establish and maintain a truthful relationship between an organization and its clients or user community. Continuous monitoring of database transactions can maintain accountability for database activities against unauthorized access or malicious actions carried out by an intruder. This can be assured by keeping information accountability [9,10]: if the system administrator is able to track users' activities carried out on a trusted server, users can be held responsible for their illegal actions. We are working to show that information accountability can effectively realize appropriate use (i.e., guarantee no unauthorized modifications: insertions, deletions, updates) in high-performance databases [9,10]. These systems aim to detect attacks as early as possible so that the damage caused by the attackers is minimized, with true positives. The theory's rule of combination gives a numerical method to fuse multiple pieces of information to derive a conclusion.
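As an added illustration (not code from the paper), the following applies the classical Dempster rule of combination to constructed mass values for one transaction, using three of the evidence sources named in the abstract. It implements the standard rule rather than the paper's extended variant (EDST), whose details this page does not give; all function names and numbers are assumptions.

```python
from itertools import product

LEGIT, SUSP = "legitimate", "suspicious"
THETA = frozenset({LEGIT, SUSP})  # frame of discernment; mass on THETA = "unknown"


def mass(susp, legit):
    """Mass function for one source; the unassigned remainder goes to THETA."""
    return {frozenset({SUSP}): susp, frozenset({LEGIT}): legit,
            THETA: 1.0 - susp - legit}


def combine(m1, m2):
    """Dempster's rule of combination. Returns (fused masses, conflict K)."""
    fused, conflict = {}, 0.0
    for (a, wa), (b, wb) in product(m1.items(), m2.items()):
        common = a & b
        if common:
            fused[common] = fused.get(common, 0.0) + wa * wb
        else:
            conflict += wa * wb  # the two sources contradict each other
    if conflict >= 1.0 - 1e-12:
        raise ValueError("total conflict: sources cannot be combined")
    return {h: w / (1.0 - conflict) for h, w in fused.items()}, conflict


def belief(m, hypothesis):
    """Bel(H): mass committed to H or its subsets (lower bound)."""
    return sum(w for h, w in m.items() if h <= hypothesis)


def plausibility(m, hypothesis):
    """Pl(H): mass that does not contradict H (upper bound)."""
    return sum(w for h, w in m.items() if h & hypothesis)


# Constructed mass values for one transaction (assumptions, not from the paper).
log_file = mass(susp=0.6, legit=0.1)    # statement touches unusual tables
data_cache = mass(susp=0.5, legit=0.2)  # cached plan seen at an odd hour
error_log = mass(susp=0.0, legit=0.3)   # no errors or failed logins recorded

if __name__ == "__main__":
    fused, k1 = combine(log_file, data_cache)
    fused, k2 = combine(fused, error_log)
    s = frozenset({SUSP})
    print(f"conflict: {k1:.3f}, {k2:.3f}")
    print(f"Bel(suspicious)={belief(fused, s):.3f}  Pl={plausibility(fused, s):.3f}")
```

The gap between belief and plausibility is the mass still assigned to "unknown", which narrows as more sources are fused.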

RELATED WORK
CONCLUSION