Forensic analysis of database tampering
Sponsored Links
This presentation is the property of its rightful owner.
1 / 13

Forensic Analysis of Database Tampering PowerPoint PPT Presentation


  • 140 Views
  • Uploaded on
  • Presentation posted in: General

Forensic Analysis of Database Tampering. Raul Quinonez CS 4398 Digital Forensics 10/25/13. Introduction. How to detect tampering? What data has been tampered? Who did it via forensic analysis?. Tamper Detection. Cryptographic Hashing functions Normal Processing Phase

Download Presentation

Forensic Analysis of Database Tampering

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Forensic Analysis of Database Tampering

Raul Quinonez

CS 4398 Digital Forensics

10/25/13


Introduction

  • How to detect tampering?

  • What data has been tampered?

  • Who did it via forensic analysis?


Tamper Detection

Cryptographic Hashing functions

Normal Processing Phase

Digital Normalization Service


Temporal Detection

  • Each transaction is hashed

  • Identify corrupted stored data transactions

  • Focus on original time of transaction and time of corrupted transaction

  • Several corrupted tuples- Multi-locus

  • Single corrupted tuple- Single-locus


Corruption Diagram


Forensic Analysis

  • Monochromatic

    • Cumulative hash chains (black)

  • RGBY

    • Three types of chains (Red, green, blue)

  • Tiled Bitmap

    • Tiles of chains over continous data segments

  • a3D Algorithm

    • Partial hash chanis changes with transaction time


Monochromatic Corruption Diagram


RGBY Corruption Diagram


Tiled Bitmap Corruption Diagram


a3D Algorithm


Forensic Algorithm Comparison

  • Tiled bitmap is the cheapest

  • Monochromatic is the easiest to implement

  • RGBY is the best option for larger corruption cases

  • a3D Algorithm has a constant cost


Conclusion

  • How, what and who?

  • Forensic Algorithms

  • Comparison of algorithms


References

  • Kyri Pavlou and Richard T. Snodgrass, "Forensic Analysis of Database Tampering," in Proceedings of the ACM SIGMOD International Conference on Management of Data (SIGMOD), pages 109-120, Chicago, June, 2006.


  • Login