Forensic Investigation for Database Tampering using Audit Logs

Madhuri Aphale, Utkarsha Borikar, Bhagyashri Kardile, Vrushali Vasekar, Prof. Jadhav Shital
2015 International Journal of Engineering Research and  
Secure data storage is an everyday requirement for public businesses, government agencies and many institutions. For many organizations, if data were to be maliciously changed, whether by an outsider or by an inside intruder, it could cause severe consequences for the company. Database auditing is the process to be carried out on continuous basis. Native auditing is fail because it is fully under the control of the DBAs, who can turn off auditing, Clear the audit logs, manipulate an audit
more » ... , or even reconfigure auditing to filter their own malicious activity. Mechanism now exists that detect tampering of database through use of cryptographically strong one way hash function. Forensic analysis algorithms can help to determine when and what data tampered. . In database there are many places where parts of the data are temporarily stored using this data we can reveal past activities, create a timeline and recover deleted data. Forensic analysis means collect evidence from number of location in database. Audit log is log file that maintain the activity performed by user on the database .In the survey it found that 70% intruder is internal users or employee or DBA who tampered data. So we have to identify the secure audit technique such that it can identify data tampered in database or tampered in audit log.
doi:10.17577/ijertv4is030787 fatcat:7gusuhxacrajpje6nduufcw7e4