Data Tamper Detection from NoSQL Database in Forensic Environment

Q3 Computer Science

Journal of Cyber Security and Mobility Pub Date : 2021-04-08 DOI:10.13052/jcsm2245-1439.1025

Rupali M. Chopade, V. Pachghare

{"title":"Data Tamper Detection from NoSQL Database in Forensic Environment","authors":"Rupali M. Chopade, V. Pachghare","doi":"10.13052/jcsm2245-1439.1025","DOIUrl":null,"url":null,"abstract":"The growth of service sector is increasing the usage of digital applications worldwide. These digital applications are making use of database to store the sensitive and secret information. As the database has distributed over the internet, cybercrime attackers may tamper the database to attack on such sensitive and confidential information. In such scenario, maintaining the integrity of database is a big challenge. Database tampering will change the database state by any data manipulation operation like insert, update or delete. Tamper detection techniques are useful for the detection of such data tampering which play an important role in database forensic investigation process. Use of NoSQL database has been attracted by big data requirements. Previous research work has limited to tamper detection in relational database and very less work has been found in NoSQL database. So there is a need to propose a mechanism to detect the tampering of NoSQL database systems. Whereas this article proposes an idea of tamper detection in NoSQL database such as MongoDB and Cassandra, which are widely used document-oriented and column-based NoSQL database respectively. This research work has proposed tamper detection technique which works in forensic environment to give more relevant outcome on data tampering and distinguish between suspicious and genuine tampering. ","PeriodicalId":37820,"journal":{"name":"Journal of Cyber Security and Mobility","volume":"179 1","pages":"421-450"},"PeriodicalIF":0.0000,"publicationDate":"2021-04-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Cyber Security and Mobility","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.13052/jcsm2245-1439.1025","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 4

Abstract

The growth of service sector is increasing the usage of digital applications worldwide. These digital applications are making use of database to store the sensitive and secret information. As the database has distributed over the internet, cybercrime attackers may tamper the database to attack on such sensitive and confidential information. In such scenario, maintaining the integrity of database is a big challenge. Database tampering will change the database state by any data manipulation operation like insert, update or delete. Tamper detection techniques are useful for the detection of such data tampering which play an important role in database forensic investigation process. Use of NoSQL database has been attracted by big data requirements. Previous research work has limited to tamper detection in relational database and very less work has been found in NoSQL database. So there is a need to propose a mechanism to detect the tampering of NoSQL database systems. Whereas this article proposes an idea of tamper detection in NoSQL database such as MongoDB and Cassandra, which are widely used document-oriented and column-based NoSQL database respectively. This research work has proposed tamper detection technique which works in forensic environment to give more relevant outcome on data tampering and distinguish between suspicious and genuine tampering.

查看原文本刊更多论文

取证环境下NoSQL数据库数据篡改检测

服务业的增长正在增加全球数字应用程序的使用。这些数字化应用都是利用数据库来存储敏感和机密信息。由于数据库在互联网上分布，网络犯罪攻击者可能会篡改数据库以攻击这些敏感和机密信息。在这种情况下，维护数据库的完整性是一个很大的挑战。数据库篡改将通过插入、更新或删除等任何数据操作来改变数据库状态。篡改检测技术是检测此类数据篡改的有效手段，在数据库取证调查过程中起着重要的作用。NoSQL数据库的使用受到大数据需求的吸引。以往的研究工作仅限于关系数据库的篡改检测，对NoSQL数据库的篡改检测工作很少。因此，有必要提出一种检测NoSQL数据库系统被篡改的机制。本文提出了在MongoDB和Cassandra等应用广泛的面向文档和基于列的NoSQL数据库中进行篡改检测的思想。本研究提出了一种适用于法医环境的篡改检测技术，以便对数据篡改给出更相关的结论，并区分可疑篡改和真实篡改。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Cyber Security and Mobility Computer Science-Computer Networks and Communications

CiteScore

2.30

自引率

0.00%

发文量

期刊介绍： Journal of Cyber Security and Mobility is an international, open-access, peer reviewed journal publishing original research, review/survey, and tutorial papers on all cyber security fields including information, computer & network security, cryptography, digital forensics etc. but also interdisciplinary articles that cover privacy, ethical, legal, economical aspects of cyber security or emerging solutions drawn from other branches of science, for example, nature-inspired. The journal aims at becoming an international source of innovation and an essential reading for IT security professionals around the world by providing an in-depth and holistic view on all security spectrum and solutions ranging from practical to theoretical. Its goal is to bring together researchers and practitioners dealing with the diverse fields of cybersecurity and to cover topics that are equally valuable for professionals as well as for those new in the field from all sectors industry, commerce and academia. This journal covers diverse security issues in cyber space and solutions thereof. As cyber space has moved towards the wireless/mobile world, issues in wireless/mobile communications and those involving mobility aspects will also be published.