The method of database server detection and investigation in the enterprise environment

Namheun Son, Keun Gi Lee, Sangjun Jeon, Hyunji Chung, Sangjin Lee, Changhoon Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

7 Citations (Scopus)

Abstract

When a forensic investigation is carried out in the enterprise environment, most of the important data is stored in database servers, and data stored in them are very important elements for a forensic investigation. As for database servers with such data stored, there are over 10 various kinds, such as SQL Server, Mysql and Oracle. All the methods of investigating a database system are important, but this study suggests a single methodology likely to investigate all the database systems while considering the common characteristics of database system. A method of detecting a server, data acquiring and investigating data in the server can be usefully used for such an investigation in the enterprise environment. Therefore, such a methodology will be explained through a way of carrying out a forensic investigation on SQL Server Database of Microsoft Corporation.

Original languageEnglish
Title of host publicationCommunications in Computer and Information Science
Pages164-171
Number of pages8
Volume186 CCIS
DOIs
Publication statusPublished - 2011 Jul 14
Event8th FTRA International Conference on Secure and Trust Computing, Data Management, and Application, STA 2011 - Loutraki, Greece
Duration: 2011 Jun 282011 Jun 30

Publication series

NameCommunications in Computer and Information Science
Volume186 CCIS
ISSN (Print)18650929

Other

Other8th FTRA International Conference on Secure and Trust Computing, Data Management, and Application, STA 2011
CountryGreece
CityLoutraki
Period11/6/2811/6/30

    Fingerprint

Keywords

  • database server
  • enterprise
  • forensic
  • network topology

ASJC Scopus subject areas

  • Computer Science(all)

Cite this

Son, N., Lee, K. G., Jeon, S., Chung, H., Lee, S., & Lee, C. (2011). The method of database server detection and investigation in the enterprise environment. In Communications in Computer and Information Science (Vol. 186 CCIS, pp. 164-171). (Communications in Computer and Information Science; Vol. 186 CCIS). https://doi.org/10.1007/978-3-642-22339-6_20