CDBFIP: Common Database Forensic Investigation Processes for Internet of Things

Date

2017-10

Authors

Al-Dhaqm, Arafat
Razak, Shukor
Othman, Siti Hajar
Choo, Kim-Kwang Raymond
Glisson, William Bradley
Ali, Abulalem
Abrar, Mohammad

Journal Title

Journal ISSN

Volume Title

Publisher

IEEE Access

Abstract

Database forensics is a domain that uses database content and metadata to reveal malicious activities on database systems in an Internet of Things environment. Although the concept of database forensics has been around for a while, the investigation of cybercrime activities and cyber breaches in an Internet of Things environment would benefit from the development of a common investigative standard that unifies the knowledge in the domain. Therefore, this paper proposes common database forensic investigation processes using a design science research approach. The proposed process comprises four phases, namely:

  1. identification; 2) artefact collection; 3) artefact analysis; and 4) the documentation and presentation process. It allows the reconciliation of the concepts and terminologies of all common database forensic investigation processes; hence, it facilitates the sharing of knowledge on database forensic investigation among domain newcomers, users, and practitioners.

Description

Article published in IEEE Access in 2017

Keywords

Forensics, database forensics, Internet of Things forensics

Citation

Arafat Al-dhaqm, Shukor Razak, Siti Hajar Othman, Kim-Kwang Raymond Choo, William Bradley Glisson, Abdulalem Ali, and Mohammad Abrar: “CDBFIP: Common Database Forensic Investigation Processes for Internet of Things,” IEEE Access, 2017. DOI 10.1109/ACCESS.2017.2762693