Simplified database forensic investigation using metamodeling approach
Database Forensic Investigation (DBFI) domain is a significant field used to identify, collect, preserve, reconstruct, analyze and document database incidents. However, it is a heterogeneous, complex, and ambiguous domain due to the variety and multidimensional nature of database systems. Numerous s...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2019
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/98147/1/ArafatMohammedRashadPSC2019.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-utm-ep.98147 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-utm-ep.981472022-11-14T10:22:57Z Simplified database forensic investigation using metamodeling approach 2019 Al-Dhaqm, Arafat Mohammed Rashad QA75 Electronic computers. Computer science Database Forensic Investigation (DBFI) domain is a significant field used to identify, collect, preserve, reconstruct, analyze and document database incidents. However, it is a heterogeneous, complex, and ambiguous domain due to the variety and multidimensional nature of database systems. Numerous specific DBFI models and frameworks have been proposed to solve specific database scenarios but there is a lack of structured and unified frameworks to facilitate managing, sharing and reusing of DBFI tasks and activities. Thus, this research developed a DBFI Metamodel (DBFIM) to structure and organize DBFI domain. A Design Science Research Methodology (DSRM) to provide a logical, testable and communicable metamodel was applied in this study. In this methodology, the steps included problem identification, define objectives, design and development, demonstration and evaluation, and communication. The outcome of this study is a DBFIM developed for structuring and organizing DBFI domain knowledge that facilitates the managing, sharing and reusing of DBFI domain knowledge among domain practitioners. DBFIM identifies, recognizes, extracts and matches different DBFI processes, concepts, activities, and tasks from different DBFI models into a developed metamodel, thus, allowing domain practitioners to derive/instantiate solution models easily. The DBFIM was validated using qualitative techniques: comparison against other models; face validity (domain experts); and case study. Comparisons against other models and face validity were applied to ensure completeness, logicalness, and usefulness of DBFIM against other DBFI domain models. Following this, two case studies were selected and implemented to demonstrate the applicability and effectiveness of the DBFIM in the DBFI domain using a DBFIM Prototype (DBFIMP). The results showed that DBFIMP allowed domain practitioners to create their solution models easily based on their requirements. 2019 Thesis http://eprints.utm.my/id/eprint/98147/ http://eprints.utm.my/id/eprint/98147/1/ArafatMohammedRashadPSC2019.pdf application/pdf en public http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:144038 phd doctoral Universiti Teknologi Malaysia, Faculty of Engineering - School of Computing Faculty of Engineering - School of Computing |
| institution |
Universiti Teknologi Malaysia |
| collection |
UTM Institutional Repository |
| language |
English |
| topic |
QA75 Electronic computers Computer science |
| spellingShingle |
QA75 Electronic computers Computer science Al-Dhaqm, Arafat Mohammed Rashad Simplified database forensic investigation using metamodeling approach |
| description |
Database Forensic Investigation (DBFI) domain is a significant field used to identify, collect, preserve, reconstruct, analyze and document database incidents. However, it is a heterogeneous, complex, and ambiguous domain due to the variety and multidimensional nature of database systems. Numerous specific DBFI models and frameworks have been proposed to solve specific database scenarios but there is a lack of structured and unified frameworks to facilitate managing, sharing and reusing of DBFI tasks and activities. Thus, this research developed a DBFI Metamodel (DBFIM) to structure and organize DBFI domain. A Design Science Research Methodology (DSRM) to provide a logical, testable and communicable metamodel was applied in this study. In this methodology, the steps included problem identification, define objectives, design and development, demonstration and evaluation, and communication. The outcome of this study is a DBFIM developed for structuring and organizing DBFI domain knowledge that facilitates the managing, sharing and reusing of DBFI domain knowledge among domain practitioners. DBFIM identifies, recognizes, extracts and matches different DBFI processes, concepts, activities, and tasks from different DBFI models into a developed metamodel, thus, allowing domain practitioners to derive/instantiate solution models easily. The DBFIM was validated using qualitative techniques: comparison against other models; face validity (domain experts); and case study. Comparisons against other models and face validity were applied to ensure completeness, logicalness, and usefulness of DBFIM against other DBFI domain models. Following this, two case studies were selected and implemented to demonstrate the applicability and effectiveness of the DBFIM in the DBFI domain using a DBFIM Prototype (DBFIMP). The results showed that DBFIMP allowed domain practitioners to create their solution models easily based on their requirements. |
| format |
Thesis |
| qualification_name |
Doctor of Philosophy (PhD.) |
| qualification_level |
Doctorate |
| author |
Al-Dhaqm, Arafat Mohammed Rashad |
| author_facet |
Al-Dhaqm, Arafat Mohammed Rashad |
| author_sort |
Al-Dhaqm, Arafat Mohammed Rashad |
| title |
Simplified database forensic investigation using metamodeling approach |
| title_short |
Simplified database forensic investigation using metamodeling approach |
| title_full |
Simplified database forensic investigation using metamodeling approach |
| title_fullStr |
Simplified database forensic investigation using metamodeling approach |
| title_full_unstemmed |
Simplified database forensic investigation using metamodeling approach |
| title_sort |
simplified database forensic investigation using metamodeling approach |
| granting_institution |
Universiti Teknologi Malaysia, Faculty of Engineering - School of Computing |
| granting_department |
Faculty of Engineering - School of Computing |
| publishDate |
2019 |
| url |
http://eprints.utm.my/id/eprint/98147/1/ArafatMohammedRashadPSC2019.pdf |
| _version_ |
1776100555455725568 |