1/1
A Forensic Examination of Database Slack
This research includes an examination and analysis of the phenomenon of database slack.
Database forensics is an underexplored subfield of Digital Forensics, and the lack of research is
becoming more important with every breach and theft of data. A small amount of research exists
in the literature regarding database slack. This exploratory work examined what partial records of
forensic significance can be found in database slack. A series of experiments performed update
and delete transactions upon data in a PostgreSQL database, which created database slack.
Patterns of hexadecimal indicators for database slack in the file system were found and analyzed.
Despite limitations in the experiments, the results indicated that partial records of forensic
significance are found in database slack. Significantly, partial records found in database slack
may aid a forensic investigation of a database breach. The details of the hexadecimal patterns of
the database slack fill in gaps in the literature, the impact of log findings on an investigation was
shown, and complexity aspects back up existing parts of database forensics research. This
research helped to lessen the dearth of work in the area of database forensics as well as database slack.
Database forensics is an underexplored subfield of Digital Forensics, and the lack of research is
becoming more important with every breach and theft of data. A small amount of research exists
in the literature regarding database slack. This exploratory work examined what partial records of
forensic significance can be found in database slack. A series of experiments performed update
and delete transactions upon data in a PostgreSQL database, which created database slack.
Patterns of hexadecimal indicators for database slack in the file system were found and analyzed.
Despite limitations in the experiments, the results indicated that partial records of forensic
significance are found in database slack. Significantly, partial records found in database slack
may aid a forensic investigation of a database breach. The details of the hexadecimal patterns of
the database slack fill in gaps in the literature, the impact of log findings on an investigation was
shown, and complexity aspects back up existing parts of database forensics research. This
research helped to lessen the dearth of work in the area of database forensics as well as database slack.
History
Degree Type
- Master of Science
Department
- Computer and Information Technology
Campus location
- West Lafayette
