Categorization and Organization of Database Forensic Investigation Processes

Arafat Al-Dhaqm; Shukor Abd Razak; David A. Dampier; Kim-Kwang Raymond Choo; Kamran Siddique; Richard Adeyemi Ikuesan; Abdulhadi Alqarni; Victor R. Kebande

doi:10.1109/ACCESS.2020.3000747

IEEE Access (Jan 2020)

Categorization and Organization of Database Forensic Investigation Processes

Arafat Al-Dhaqm,
Shukor Abd Razak,
David A. Dampier,
Kim-Kwang Raymond Choo,
Kamran Siddique,
Richard Adeyemi Ikuesan,
Abdulhadi Alqarni,
Victor R. Kebande

Affiliations

Arafat Al-Dhaqm: ORCiD; Faculty of Engineering, School of Computing, Universiti Teknologi Malaysia (UTM), Johor Bahru, Malaysia
Shukor Abd Razak: ORCiD; Faculty of Engineering, School of Computing, Universiti Teknologi Malaysia (UTM), Johor Bahru, Malaysia
David A. Dampier: ORCiD; College of Engineering and Computer Sciences, Marshall University, Huntington, WV, USA
Kim-Kwang Raymond Choo: ORCiD; Department of Information Systems and Cyber Security, The University of Texas at San Antonio, San Antonio, TX, USA
Kamran Siddique: ORCiD; Information and Communication Technology Department, School of Electrical and Computer Engineering, Xiamen University, Sepang, Malaysia
Richard Adeyemi Ikuesan: ORCiD; Department of Cybersecurity and Networking, School of Information Technology, Community College of Qatar, Doha, Qatar
Abdulhadi Alqarni: ORCiD; Computer Science and Engineering Department, Jubail University College, Jubail, Saudi Arabia
Victor R. Kebande: ORCiD; Computer Science and Media Technology Department, Malmö Universitet, Malmö, Sweden

DOI: https://doi.org/10.1109/ACCESS.2020.3000747
Journal volume & issue: Vol. 8
pp. 112846 – 112858

Abstract

Read online

Database forensic investigation (DBFI) is an important area of research within digital forensics. It's importance is growing as digital data becomes more extensive and commonplace. The challenges associated with DBFI are numerous, and one of the challenges is the lack of a harmonized DBFI process for investigators to follow. In this paper, therefore, we conduct a survey of existing literature with the hope of understanding the body of work already accomplished. Furthermore, we build on the existing literature to present a harmonized DBFI process using design science research methodology. This harmonized DBFI process has been developed based on three key categories (i.e. planning, preparation and pre-response, acquisition and preservation, and analysis and reconstruction). Furthermore, the DBFI has been designed to avoid confusion or ambiguity, as well as providing practitioners with a systematic method of performing DBFI with a higher degree of certainty.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords