Supercharge Your Innovation With Domain-Expert AI Agents!

SQL Server database forensic analysis system and method based on transaction log

A database and log technology, applied in the field of SQL Server database forensic analysis system based on transaction log, can solve problems such as consuming a lot of system resources, occupation, and parsing errors.

Active Publication Date: 2019-08-02
ACADEMY OF FORENSIC SCIENCE
View PDF2 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] After searching the existing technologies, it is found that Microsoft Corporation of the United States has a tool specially used for monitoring and tracking databases - SQL Server Profiler, but this tool needs to open and track databases in real time, occupying and consuming a lot of system resources
At the same time, Profiler can only record the executed SQL commands, and does not specifically analyze data changes
In addition, Log Explorer, a commercial software of Lumigent in the United States, can conduct forensic analysis on SQL Server versions before 2005, but it does not support SQL Server 2008 or later versions, and cannot perform forensic analysis on new versions
At the same time, when Log Explorer parses the MODIFY (update) operation, it will cause parsing errors due to its algorithm flaws

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • SQL Server database forensic analysis system and method based on transaction log
  • SQL Server database forensic analysis system and method based on transaction log
  • SQL Server database forensic analysis system and method based on transaction log

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0022] The transaction log-based SQL Server forensic analysis system involved in this embodiment is implemented on the Windows operating system platform of the X86 architecture.

[0023] The transaction log-based SQL Server forensic analysis system involved in this embodiment is aimed at SQL Server 2008 and later versions, and is not applicable to SQL Server 2005 and earlier versions.

[0024] The configuration of the object host in this embodiment is shown in the following table:

[0025]

[0026] The implementation process includes: database connection, database table information extraction, transaction log extraction, insertion operation analysis, deletion operation analysis, and modification operation analysis.

[0027] The test steps of this embodiment are as follows:

[0028] The first step, connecting and logging in to the SQL Server database, specifically includes the following steps:

[0029] 1.1) Open and enter the user name and password, this account needs to h...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

An SQL Server database evidence obtaining and analyzing system is provided. A method comprises steps of: extracting and storing administrator rights after an SQL Server database is connected; extracting binary record information about operations in an SQL Server database transaction log; then, in combination with a data table structure and data type information, analyzing specific log data of insert and delete operations; in combination with raw data in the database and a particular efficient algorithm, analyzing log data of update operations; and finally, analyzing and storing data, time and operators of various user operations on the SQL Server database. The system and method provided by the present invention provide a feasible, practical and efficient method for SQL Server database evidence obtaining.

Description

technical field [0001] The present invention relates to an analysis system and method in the field of computer forensics, in particular to a transaction log-based SQL Server database forensics analysis system and method. Background technique [0002] The SQL Server database is a relational database system launched by Microsoft Corporation. SQL Server database is an extensible, high-performance database management system involved in distributed client / server computing. It realizes the organic combination with Microsoft's operating system—Windows NT, and provides transaction-based enterprise-level Information management system scheme. [0003] A "transaction" in a SQL Server database is a series of operations performed as a single logical unit of work. A logical unit of work must have four attributes, namely atomicity, consistency, isolation, and persistence. Only when these four attributes are met can it become a transaction. Among them, atomicity means that the transacti...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F16/20
CPCG06F16/2358
Inventor 李岩施少培杨旭周桂泉郭捷邱卫东卢启萌曾锦华
Owner ACADEMY OF FORENSIC SCIENCE
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com