Abstract:

The use of digital information is growing rapidly in this new technology era. Whether it is a public or private information, most organization relies on a wide range of databases to store their data. Therefore database has become a critical asset of all organizations. Having said that, it is recorded recently that the number of database attacks has gradually increased. In order to trace the attacker, forensic investigation plays a vital role to examine the compromised databases that could reveal the attacker path. Database forensic is a part of digital forensic areas which is responsible to detect suspicious activity inside the database storage and can be used to find useful information to reveal the truth. However, forensic investigations often exclude databases in the scope of investigations due to the complexity of database architectures and the lack of required techniques for database forensic which makes finding useful information difficult. This paper will review works done by researchers in database forensic to identify and analyze the SQL injection (SQLi) of various Database Management Systems (DBMS). This work can be very helpful to forensic practitioners when assessing the suitable method that can be used to detect the SQLi and to focus on the relevant artifacts that could be analyzed in the particular DMBS.