• DocumentCode
    3635582
  • Title

    InnoDB Database Forensics

  • Author

    Peter Frühwirt;Marcus Huber;Martin Mulazzani;Edgar R. Weippl

  • Author_Institution
    Vienna Univ. of Technol., Vienna, Austria
  • fYear
    2010
  • Firstpage
    1028
  • Lastpage
    1036
  • Abstract
    Whenever data is being processed, there are many places where parts of the data are temporarily stored; thus forensic analysis can reveal past activities, create a (partial) timeline and recover deleted data. While this fact is well known for computer forensics, multiple forensic tools exist to analyze data and the systematic analysis of database systems has only recently begun. This paper will describe the file format of the MySQL Database 5.1.32 with InnoDB Storage Engine. It will further explain with a practical example of how to reconstruct the data found in the file system of any SQL table. We will show how to reconstruct the table as it is, read data sets from the file and how to interpret the gained information.
  • Keywords
    "Forensics","File systems","Database systems","Data analysis","Engines","Data structures","Information analysis","Indexes","Documentation","Protection"
  • Publisher
    ieee
  • Conference_Titel
    Advanced Information Networking and Applications (AINA), 2010 24th IEEE International Conference on
  • ISSN
    1550-445X
  • Print_ISBN
    978-1-4244-6695-5
  • Type

    conf

  • DOI
    10.1109/AINA.2010.152
  • Filename
    5474822
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3635582