Monitor and detect suspicious transactions with database forensics and Dempster-Shafer theory of evidence
by Harmeet Kaur Khanuja; Dattatraya Adane
International Journal of Electronic Security and Digital Forensics (IJESDF), Vol. 12, No. 2, 2020

Abstract: Digital investigators now turn to databases when investigating cyber crimes. Illegal financial transactions on the web that go undetected can now be revealed through database forensics. In response, we propose a methodology to detect illegal financial transactions through database audit logs. The aim is to monitor the database, detect suspicious transactions and report the risk level of these transactions. Different databases are monitored to extract SQL transactions through their respective audit logs. The SQL transactions obtained are transformed and loaded into a standard XML format which contains the financial records along with their metadata. Initially, we process the financial transaction records with a rule-based outlier detection algorithm and classify the transactions as per RBI rules. The suspected transactions obtained as outliers are marked with initial belief values. To verify the uncertainty of the suspected transactions, we apply Dempster-Shafer's theory of evidence, which combines the various pieces of evidence about suspected transactions obtained through audit logs. The experiments performed show the risk level of suspected transactions.

Online publication date: Thu, 02-Apr-2020
