Proposal / Submission Type
Peer Reviewed Paper
Start Date
18-5-2018 8:45 AM
End Date
18-5-2018 9:20 AM
Abstract
Cloud computing has revolutionized the methods by which digital data is stored, processed, and transmitted. It is providing users with data storage and processing services, enabling access to resources through multiple devices. Although organizations continue to embrace the advantages of flexibility and scalability offered by cloud computing, insider threats are becoming a serious concern as cited by security researchers. Insiders can use authorized access to steal sensitive information, calling for the need for an investigation. This concept paper describes research in progress towards developing a Neo4j graph database tool to enhance client forensics. The tool, with a Python interface, allows for the location of evidential artifacts promptly. Initially, the database contains artifacts from existing research that can be used to prove usage. The ultimate goal is to create an Open Source collaborative environment for researchers and practitioners to add artifacts as we go along. The reasons for choosing a graph database are presented in the paper.
Scholarly Commons Citation
Shumba, Rose, "Exploring the Use of Graph Databases to Catalog Artifacts for Client Forensics" (2018). Annual ADFSL Conference on Digital Forensics, Security and Law. 5.
https://commons.erau.edu/adfsl/2018/presentations/5
Included in
Aviation Safety and Security Commons, Computer Law Commons, Defense and Security Studies Commons, Forensic Science and Technology Commons, Information Security Commons, National Security Law Commons, OS and Networks Commons, Other Computer Sciences Commons, Social Control, Law, Crime, and Deviance Commons
Exploring the Use of Graph Databases to Catalog Artifacts for Client Forensics
Cloud computing has revolutionized the methods by which digital data is stored, processed, and transmitted. It is providing users with data storage and processing services, enabling access to resources through multiple devices. Although organizations continue to embrace the advantages of flexibility and scalability offered by cloud computing, insider threats are becoming a serious concern as cited by security researchers. Insiders can use authorized access to steal sensitive information, calling for the need for an investigation. This concept paper describes research in progress towards developing a Neo4j graph database tool to enhance client forensics. The tool, with a Python interface, allows for the location of evidential artifacts promptly. Initially, the database contains artifacts from existing research that can be used to prove usage. The ultimate goal is to create an Open Source collaborative environment for researchers and practitioners to add artifacts as we go along. The reasons for choosing a graph database are presented in the paper.
Comments
Visit the Panel Session page