Talks and Poster Presentations (with Proceedings-Entry):
P. Kieseberg, S. Schrittwieser, E. Weippl:
"Structural Limitations of B+-Tree forensics";
Talk: Central European Cybersecurity Conference 2018,
- 2018-11-16; in: "International Conference Proceedings Series ACM Digital Library",
ACM Digital Library,
Despite the importance of databases in virtually all data driven applications, database forensics is still not the thriving topic it ought to be. Many database management systems (DBMSs) structure the data in the form of trees, most notably B+-Trees. Since the tree structure is depending on the characteristics of the INSERT-order, it can be used in order to generate information on later manipulations, as was shown in a previously published approach.
In this work we analyse this approach and investigate, whether it is possible to generalize it to detect DELETE-operations within general INSERT-only trees. We subsequently prove that almost all forms of B+-Trees can be constructed solely by using INSERT-operations, i.e. that this approach cannot be used to prove the existence of DELETE-operations in the past.
"Official" electronic version of the publication (accessed through its Digital Object Identifier - DOI)
Created from the Publication Database of the Vienna University of Technology.