CIPM: Common identification process model for database forensics field
Database Forensics (DBF) domain is a branch of digital forensics, concerned with the identification, collection, reconstruction, analysis, and documentation of database crimes. Different researchers have introduced several identification models to handle database crimes. Majority of proposed models...
Main Authors: | , , , , , |
---|---|
Format: | Conference or Workshop Item |
Language: | English |
Published: |
2021
|
Subjects: | |
Online Access: | http://eprints.utm.my/94566/1/ArafatAlDhaqm2021_CIPMCommonIdentificationProcessModel.pdf |
_version_ | 1796865847868784640 |
---|---|
author | Alfadli, Ibrahim M. Ghabban, Fahad M. Ameerbakhsh, Omair AbuAli, Amer Nizar Al-Dhaqm, Arafat Al-Khasawneh, Mahmoud Ahmad |
author_facet | Alfadli, Ibrahim M. Ghabban, Fahad M. Ameerbakhsh, Omair AbuAli, Amer Nizar Al-Dhaqm, Arafat Al-Khasawneh, Mahmoud Ahmad |
author_sort | Alfadli, Ibrahim M. |
collection | ePrints |
description | Database Forensics (DBF) domain is a branch of digital forensics, concerned with the identification, collection, reconstruction, analysis, and documentation of database crimes. Different researchers have introduced several identification models to handle database crimes. Majority of proposed models are not specific and are redundant, which makes these models a problem because of the multidimensional nature and high diversity of database systems. Accordingly, using the metamodeling approach, the current study is aimed at proposing a unified identification model applicable to the database forensic field. The model integrates and harmonizes all exiting identification processes into a single abstract model, called Common Identification Process Model (CIPM). The model comprises six phases: 1) notifying an incident, 2) responding to the incident, 3) identification of the incident source, 4) verification of the incident, 5) isolation of the database server and 6) provision of an investigation environment. CIMP was found capable of helping the practitioners and newcomers to the forensics domain to control database crimes. |
first_indexed | 2024-03-05T21:03:20Z |
format | Conference or Workshop Item |
id | utm.eprints-94566 |
institution | Universiti Teknologi Malaysia - ePrints |
language | English |
last_indexed | 2024-03-05T21:03:20Z |
publishDate | 2021 |
record_format | dspace |
spelling | utm.eprints-945662022-03-31T15:47:49Z http://eprints.utm.my/94566/ CIPM: Common identification process model for database forensics field Alfadli, Ibrahim M. Ghabban, Fahad M. Ameerbakhsh, Omair AbuAli, Amer Nizar Al-Dhaqm, Arafat Al-Khasawneh, Mahmoud Ahmad QA75 Electronic computers. Computer science Database Forensics (DBF) domain is a branch of digital forensics, concerned with the identification, collection, reconstruction, analysis, and documentation of database crimes. Different researchers have introduced several identification models to handle database crimes. Majority of proposed models are not specific and are redundant, which makes these models a problem because of the multidimensional nature and high diversity of database systems. Accordingly, using the metamodeling approach, the current study is aimed at proposing a unified identification model applicable to the database forensic field. The model integrates and harmonizes all exiting identification processes into a single abstract model, called Common Identification Process Model (CIPM). The model comprises six phases: 1) notifying an incident, 2) responding to the incident, 3) identification of the incident source, 4) verification of the incident, 5) isolation of the database server and 6) provision of an investigation environment. CIMP was found capable of helping the practitioners and newcomers to the forensics domain to control database crimes. 2021 Conference or Workshop Item PeerReviewed application/pdf en http://eprints.utm.my/94566/1/ArafatAlDhaqm2021_CIPMCommonIdentificationProcessModel.pdf Alfadli, Ibrahim M. and Ghabban, Fahad M. and Ameerbakhsh, Omair and AbuAli, Amer Nizar and Al-Dhaqm, Arafat and Al-Khasawneh, Mahmoud Ahmad (2021) CIPM: Common identification process model for database forensics field. In: 2nd International Conference on Smart Computing and Electronic Enterprise, ICSCEE 2021, 15 - 16 June 2021, Virtual, Online. http://dx.doi.org/10.1109/ICSCEE50312.2021.9498014 |
spellingShingle | QA75 Electronic computers. Computer science Alfadli, Ibrahim M. Ghabban, Fahad M. Ameerbakhsh, Omair AbuAli, Amer Nizar Al-Dhaqm, Arafat Al-Khasawneh, Mahmoud Ahmad CIPM: Common identification process model for database forensics field |
title | CIPM: Common identification process model for database forensics field |
title_full | CIPM: Common identification process model for database forensics field |
title_fullStr | CIPM: Common identification process model for database forensics field |
title_full_unstemmed | CIPM: Common identification process model for database forensics field |
title_short | CIPM: Common identification process model for database forensics field |
title_sort | cipm common identification process model for database forensics field |
topic | QA75 Electronic computers. Computer science |
url | http://eprints.utm.my/94566/1/ArafatAlDhaqm2021_CIPMCommonIdentificationProcessModel.pdf |
work_keys_str_mv | AT alfadliibrahimm cipmcommonidentificationprocessmodelfordatabaseforensicsfield AT ghabbanfahadm cipmcommonidentificationprocessmodelfordatabaseforensicsfield AT ameerbakhshomair cipmcommonidentificationprocessmodelfordatabaseforensicsfield AT abualiamernizar cipmcommonidentificationprocessmodelfordatabaseforensicsfield AT aldhaqmarafat cipmcommonidentificationprocessmodelfordatabaseforensicsfield AT alkhasawnehmahmoudahmad cipmcommonidentificationprocessmodelfordatabaseforensicsfield |