Forensic analysis of database tampering
Download
1 / 13

Forensic Analysis of Database Tampering - PowerPoint PPT Presentation


  • 162 Views
  • Uploaded on

Forensic Analysis of Database Tampering. Raul Quinonez CS 4398 Digital Forensics 10/25/13. Introduction. How to detect tampering? What data has been tampered? Who did it via forensic analysis?. Tamper Detection. Cryptographic Hashing functions Normal Processing Phase

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Forensic Analysis of Database Tampering' - karsen


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Forensic analysis of database tampering

Forensic Analysis of Database Tampering

Raul Quinonez

CS 4398 Digital Forensics

10/25/13


Introduction
Introduction

  • How to detect tampering?

  • What data has been tampered?

  • Who did it via forensic analysis?


Tamper detection
Tamper Detection

Cryptographic Hashing functions

Normal Processing Phase

Digital Normalization Service


Temporal detection
Temporal Detection

  • Each transaction is hashed

  • Identify corrupted stored data transactions

  • Focus on original time of transaction and time of corrupted transaction

  • Several corrupted tuples- Multi-locus

  • Single corrupted tuple- Single-locus



Forensic analysis
Forensic Analysis

  • Monochromatic

    • Cumulative hash chains (black)

  • RGBY

    • Three types of chains (Red, green, blue)

  • Tiled Bitmap

    • Tiles of chains over continous data segments

  • a3D Algorithm

    • Partial hash chanis changes with transaction time






Forensic algorithm comparison
Forensic Algorithm Comparison

  • Tiled bitmap is the cheapest

  • Monochromatic is the easiest to implement

  • RGBY is the best option for larger corruption cases

  • a3D Algorithm has a constant cost


Conclusion
Conclusion

  • How, what and who?

  • Forensic Algorithms

  • Comparison of algorithms


References
References

  • Kyri Pavlou and Richard T. Snodgrass, "Forensic Analysis of Database Tampering," in Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD), pages 109-120, Chicago, June, 2006.


ad