The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.04 - April (2010 vol.22)
pp: 590-601
Kyriacos E. Pavlou , University of Arizona, Tucson
Richard T. Snodgrass , University of Arizona, Tucson
ABSTRACT
Tampering of a database can be detected through the use of cryptographically strong hash functions. Subsequently, applied forensic analysis algorithms can help determine when, what, and perhaps ultimately who and why. This paper presents a novel forensic analysis algorithm, the Tiled Bitmap Algorithm, which is more efficient than prior forensic analysis algorithms. It introduces the notion of a candidate set (all possible locations of detected tampering(s)) and provides a complete characterization of the candidate set and its cardinality. An optimal algorithm for computing the candidate set is also presented. Finally, the implementation of the Tiled Bitmap Algorithm is discussed, along with a comparison to other forensic algorithms in terms of space/time complexity and cost. An example of candidate set generation and proofs of the theorems and lemmata and of algorithm correctness can be found in the appendix, which can be found on the Computer Society Digital Library at http://doi.ieeecomputersociety.org/10.1109/TKDE.2009.121.
INDEX TERMS
Database management, security, integrity, and protection, temporal databases.
CITATION
Kyriacos E. Pavlou, Richard T. Snodgrass, "The Tiled Bitmap Forensic Analysis Algorithm", IEEE Transactions on Knowledge & Data Engineering, vol.22, no. 4, pp. 590-601, April 2010, doi:10.1109/TKDE.2009.121
REFERENCES
[1] CSI/FBI, "Tenth Annual Computer Crime and Security Survey," http://www.cpppe.umd.edu/Bookstore/Documents 2005CSISurvey.pdf, 2009.
[2] P.A. Gerr, B. Babineau, and P.C. Gordon, "Compliance: The Effect on Information Management and the Storage Industry," technical report, Enterprise Storage Group, http://www.enterprisestrategy group.com/ ESGPublicationsReportDetail.asp?ReportID=201 , 2009.
[3] M.T. Goodrich, M.J. Atallahand, and R. Tamassia, "Indexing Information for Data Forensics," Proc. Conf. Applied Cryptography and Network Security, pp. 206-221, 2005.
[4] B. Li, M.S. Hsiao, and S. Sheng, "A Novel SAT All-Solutions Solver for Efficient Preimage Computation," Proc. IEEE Int'l Conf. Design, Automation and Test in Europe, vol. 1, Feb. 2004.
[5] M. Malmgren, "An Infrastructure for Database Tamper Detection and Forensic Analysis," honors thesis, Univ. of Arizona, http://www.cs.arizona.edu/projects/tau/tbdb MelindaMalmgrenThe sis.pdf, 2009.
[6] J. Mena, Investigative Data Mining for Security and Criminal Detection. Butterworth Heinemann, 2003.
[7] K.E. Pavlou and R.T. Snodgrass, "Forensic Analysis of Database Tampering," Proc. ACM SIGMOD Int'l Conf. Management of Data, pp. 109-120, June 2006.
[8] K.E. Pavlou and R.T. Snodgrass, "Forensic Analysis of Database Tampering," ACM Trans. Database Systems, vol. 33, no. 4, pp. 1-47, Nov. 2008.
[9] S. Sheng and M.S. Hsiao, "Efficient Preimage Computation Using a Novel Success-Driven ATPG," Proc. IEEE Int'l Conf. Design, Automation and Test in Europe, vol. 1, Mar. 2003.
[10] R.T. Snodgrass, S.S. Yao, and C. Collberg, "Tamper Detection in Audit Logs," Proc. Int'l Conf. Very Large Databases, pp. 504-515, Sept. 2004.
[11] C. Strachey, "Bitwise Operations," Comm. ACM, vol. 4, no. 3, p. 146, Mar. 1961.
[12] U.S. Dept. of Health & Human Services, The Health Insurance Portability and Accountability Act (HIPAA), http://www.cms.hhs. govHIPAAGenInfo/, 2009.
[13] The Public Company Accounting Reform and Investor Protection Act, U.S. Public Law No. 107-204, 116 Stat. 745, 2002.
20 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool