• DocumentCode
    2646548
  • Title

    Methodologies for Detecting Covert Database

  • Author

    Lee, Keun-gi ; Savoldi, Antonio ; Gubian, Paolo ; Lim, Kyung Soo ; Lee, Seokhee ; Lee, Sangjin

  • Author_Institution
    Center for Inf. Security Technol., Korea Univ., Seoul
  • fYear
    2008
  • fDate
    15-17 Aug. 2008
  • Firstpage
    538
  • Lastpage
    541
  • Abstract
    Forensic accounting has recently gained great attention in the accounting and computer forensic fields since government regulations such as Health Insurance Portability and accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), sarbanes-oxley Act~cite{b1} (SOX) were introduced in the United States. Although these regulations force corporations to provide financial transparency, they still commit accounting frauds such as slush fund or tax evasion. moreover, companies have substituted paper-work with IT systems such as DBMS (database management system), EDMS (electronic document management system), and ERP (Enterprise Resource Planning) system. Since the majority of corporations use DBMS we should focus our attention on discovering financial information in a database server. However, frauds are difficult to observe and detect because the perpetrators did their best to conceal their fraudulent activities. In particular, we need to consider the case of a covert database server. This paper proposes a methodology for detecting covert database server, which would be helpful for forensic investigators. Therefore, we describe an example of covert database server and suggest several detection techniques. Finally, we provide our methodology according to classification of investigation cooperation.
  • Keywords
    accounts data processing; computer crime; fraud; legislation; Gramm-Leach-Bliley Act; Health Insurance Portability and Accountability Act; Sarbanes-Oxley Act; United States; accounting frauds; computer forensic; covert database server; database management system; electronic document management system; enterprise resource planning system; financial information; financial transparency; forensic accounting; forensic investigators; government regulations; slush fund; tax evasion; Automation; Database systems; Deductive databases; Enterprise resource planning; Forensics; Information security; Multimedia databases; Network servers; Signal processing; US Government;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Intelligent Information Hiding and Multimedia Signal Processing, 2008. IIHMSP '08 International Conference on
  • Conference_Location
    Harbin
  • Print_ISBN
    978-0-7695-3278-3
  • Type

    conf

  • DOI
    10.1109/IIH-MSP.2008.258
  • Filename
    4604115