Forensic analysis of database tampering
This presentation is the property of its rightful owner.
Sponsored Links
1 / 13

Forensic Analysis of Database Tampering PowerPoint PPT Presentation


  • 113 Views
  • Uploaded on
  • Presentation posted in: General

Forensic Analysis of Database Tampering. Raul Quinonez CS 4398 Digital Forensics 10/25/13. Introduction. How to detect tampering? What data has been tampered? Who did it via forensic analysis?. Tamper Detection. Cryptographic Hashing functions Normal Processing Phase

Download Presentation

Forensic Analysis of Database Tampering

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Forensic analysis of database tampering

Forensic Analysis of Database Tampering

Raul Quinonez

CS 4398 Digital Forensics

10/25/13


Introduction

Introduction

  • How to detect tampering?

  • What data has been tampered?

  • Who did it via forensic analysis?


Tamper detection

Tamper Detection

Cryptographic Hashing functions

Normal Processing Phase

Digital Normalization Service


Temporal detection

Temporal Detection

  • Each transaction is hashed

  • Identify corrupted stored data transactions

  • Focus on original time of transaction and time of corrupted transaction

  • Several corrupted tuples- Multi-locus

  • Single corrupted tuple- Single-locus


Corruption diagram

Corruption Diagram


Forensic analysis

Forensic Analysis

  • Monochromatic

    • Cumulative hash chains (black)

  • RGBY

    • Three types of chains (Red, green, blue)

  • Tiled Bitmap

    • Tiles of chains over continous data segments

  • a3D Algorithm

    • Partial hash chanis changes with transaction time


Monochromatic corruption diagram

Monochromatic Corruption Diagram


Rgby corruption diagram

RGBY Corruption Diagram


Tiled bitmap corruption diagram

Tiled Bitmap Corruption Diagram


A3d algorithm

a3D Algorithm


Forensic algorithm comparison

Forensic Algorithm Comparison

  • Tiled bitmap is the cheapest

  • Monochromatic is the easiest to implement

  • RGBY is the best option for larger corruption cases

  • a3D Algorithm has a constant cost


Conclusion

Conclusion

  • How, what and who?

  • Forensic Algorithms

  • Comparison of algorithms


References

References

  • Kyri Pavlou and Richard T. Snodgrass, "Forensic Analysis of Database Tampering," in Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD), pages 109-120, Chicago, June, 2006.


  • Login