CDBFIP: Common Database Forensic Investigation Processes for Internet of Things
Date
2017-10
Authors
Al-Dhaqm, Arafat
Razak, Shukor
Othman, Siti Hajar
Choo, Kim-Kwang Raymond
Glisson, William Bradley
Ali, Abdulalem
Abrar, Mohammad
Publisher
IEEE Access
Abstract
Database forensics is a domain that uses database content and metadata to reveal malicious activities on database systems in an Internet of Things environment. Although the concept of database forensics has been around for a while, the investigation of cybercrime activities and cyber breaches in an Internet of Things environment would benefit from the development of a common investigative standard that unifies the knowledge in the domain. Therefore, this paper proposes common database forensic investigation processes using a design science research approach. The proposed process comprises four phases, namely: 1) identification; 2) artefact collection; 3) artefact analysis; and 4) the documentation and presentation process. It allows the reconciliation of the concepts and terminologies of all common database forensic investigation processes; hence, it facilitates the sharing of knowledge on database forensic investigation among domain newcomers, users, and practitioners.
Description
Article published in IEEE Access in 2017
Keywords
Forensics, database forensics, Internet of Things forensics
Citation
Arafat Al-dhaqm, Shukor Razak, Siti Hajar Othman, Kim-Kwang Raymond Choo, William Bradley Glisson, Abdulalem Ali, and Mohammad Abrar: “CDBFIP: Common Database Forensic Investigation Processes for Internet of Things,” IEEE Access, 2017. DOI 10.1109/ACCESS.2017.2762693