Investigation Forensics: How to Find Evidence from an Oracle Database - Research Paper Example


Extract of sample "Investigation Forensics: How to Find Evidence from an Oracle Database"

Problem Statement:

In today’s technology-oriented world, information has become the lifeline of businesses. Be they banks, industries or small shops, information security has become more crucial than ever before. Since many employees are, in one way or another, connected to and involved in information processing, security concerns have risen drastically. Thus, proper data integration and a contingency plan for the precise recovery of past data have become a necessity.

Literature Review:

Wright, P.M. (2005) practically evaluates the effectiveness of using the LogMiner utility as an Oracle forensics investigation tool.

He started by assessing the tool’s applicability, testing how accurately it creates a timeline and records the database actions that occurred in the past. Subsequently, he focused on LogMiner’s transformation, interpretation and authenticity of the Timestamp data type.

Under the heading “Scope of LogMiner testing” he defined that LogMiner can be used to analyze the redo log files generated by Oracle, which contain information about the changes made, either to recover infected files or corrupted data or to track past actions.

He further added that another method of ensuring database security is to regularly monitor Oracle’s built-in audit functions. In order to check the reliability and validity of LogMiner, the researcher carried out the following three tests:

1. General forensic capability: Can the LogMiner utility produce a forensic timeline and recover data?
2. Accuracy level: Precision of the TIMESTAMP identified during test 1.
3. Find out the source of inaccuracy: Does the inaccuracy lie in LogMiner?

(1) General capability:

Results of test 1 showed that an index giving a full timeline was created, disregarding the researcher’s page count.

Moreover, the column showing the timestamp indicated an accuracy of one second, while a timestamp by default shows one second with 6 decimal places. The data recovery phase also went well. To ensure validity, the test was repeated 20 times and it yielded perfect results every time it ran.

(2) Level of Precision of Timestamp:

The reason the Timestamp field was not showing decimal places for seconds could be a format mask, or the value may have been defined exactly on the second, or perhaps it was not a time field at all.

Having run the query, it was found that the timestamp field was defined as a Date field while being wrongly named “Timestamp”, which is misleading in a forensics context. Later on, however, a test was run creating a proper Timestamp field to see if LogMiner can store the decimal places. The test was run thrice, once after rebooting the system, and the results were the same in all instances.

(3) LogMiner’s Imprecision or the logs themselves?

This test aimed to determine what causes the imperfection in reporting Timestamps, i.e. whether it is LogMiner or the redo logs that distort the fractional decimals in a second.

To test this, timestamps were entered into the database, one with decimal places and another without, and the variance in the converted log was then analyzed. Having run the test, the results showed that it was LogMiner that converted Timestamps into Dates, causing distortion in the fractional decimal places. The test was conducted multiple times and it yielded the same occurrence.

Conclusions

He concluded that all the tests were successfully conducted and the results occurred as expected. LogMiner lets the analyst run Structured Query Language (SQL) queries against Oracle’s redo logs, which are independent of the database.

The tool enables you to verify the information found on a normal dbf and enables you to recover the lost data.

References

Wright, P.M. (2005). Fight crime. Unravel incidents. one byte at a time: Oracle Database Forensics using LogMiner, SANS Institute, 1-39. Retrieved May 30, 2011, from http://computer-forensics.sans.org/community/papers/gcfa/oracle-database-forensics-logminer_159
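A sketch of how tests (2) and (3) above can be reproduced on a test Oracle instance from SQL*Plus. This is an added example, not code from Wright's paper or from this essay. The table name forensic_ts_test, the sample values and the redo log path are assumptions, and the session is assumed to hold the privileges needed to run DBMS_LOGMNR.

```sql
-- Added example; run on a test instance, not on the system under investigation.

-- Test 2: check the declared type of the LogMiner column named TIMESTAMP.
-- DESCRIBE reports it as DATE, which has one-second resolution.
DESCRIBE v$logmnr_contents

-- Test 3: store one value with fractional seconds and one without.
-- forensic_ts_test is a hypothetical table; the values are constructed.
CREATE TABLE forensic_ts_test (
  id     NUMBER PRIMARY KEY,
  ts_val TIMESTAMP(6)
);
INSERT INTO forensic_ts_test VALUES (1, TIMESTAMP '2005-01-01 12:00:00.123456');
INSERT INTO forensic_ts_test VALUES (2, TIMESTAMP '2005-01-01 12:00:00');
COMMIT;

-- Find the online redo log that currently holds these changes.
SELECT f.member
FROM   v$logfile f JOIN v$log l ON l.group# = f.group#
WHERE  l.status = 'CURRENT';

-- Load that file into LogMiner, using the online catalog as dictionary.
BEGIN
  DBMS_LOGMNR.ADD_LOGFILE(
    LogFileName => '/path/to/redo01.log',  -- placeholder: use the MEMBER value above
    Options     => DBMS_LOGMNR.NEW);
  DBMS_LOGMNR.START_LOGMNR(
    Options => DBMS_LOGMNR.DICT_FROM_ONLINE_CATALOG);
END;
/

-- Compare the literals in SQL_REDO with the values inserted above.
-- Rows are ordered by SCN because the TIMESTAMP column cannot separate
-- events that fall within the same second.
SELECT scn,
       TO_CHAR(timestamp, 'YYYY-MM-DD HH24:MI:SS') AS logged_at,
       operation,
       sql_redo,
       sql_undo
FROM   v$logmnr_contents
WHERE  seg_name = 'FORENSIC_TS_TEST'
ORDER  BY scn;

-- Release the LogMiner session.
EXECUTE DBMS_LOGMNR.END_LOGMNR
```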
