Abstract
Database forensics aids in the qualification and investigation of databases and facilitates a forensic investigator to prove a suspected crime which can be used to prevent illegitimate banking transactions. The banks deals in public money but unfortunately are becoming vulnerable by receiving illegal money in the form of legitimate business. The absence of any preventive measures in the banks to monitor such scam would be perilous some day. If they violate relevant laws and regulatory guidelines they can unknowingly keep raising Money Laundering practices in their system. In this article we propose a forensic methodology for private banks to have ongoing monitoring system as per Reserve Bank of India (RBI) guidelines for financial transactions which will check their database audit logs on continuous basis for marking suspected transactions if any. These transactions are then precisely analyzed and verified with Dempster Shafer Theory of Evidence to generate suspected reports automatically as required by Financial Intelligence Unit.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Bertino, E., Sandhu, R.: Database Security − Concepts, Approaches, and challenges. IEEE Transactions on Dependable and Secure Computing 2(1), 2–19 (2005)
Richardson, R.: CSI/FBI Computer Crime and Security Survey (2011), http://www.gocsi.com
Raghavan, S.: Digital forensic research: current state of the art. In: CSI Publications. Springer (2012)
Jun, T.: On Developing Intelligent Surveillant System of Suspicious Financial Transaction. IEEE (2010)
Pavlou, K.E., Snodgrass, R.T.: Forensic analysis of database tampering, ACM Transactions on Database Systems (TODS) 33(4), Article 30, 47+25 pages (2008)
Godbole, N., Belapure, S.: Cyber Security, Understanding Computer Forensics and Legal Perspectives. Wiley-India (2011) ISBN: 978-81-265-2179-1
Pavlou, K.E.: Database Forensics in the Service of Information Accountability/ SIGMOD/PODS PhD Poster Session, Poster Presented (2011)
Pavlou, K.E., Snodgrass, R.T.: Dragoon: An Information Accountability System for High-Performance Databases. In: Demonstration. International Conference on Data Engineering, ICDE (2012)
Olivier, M.S.: On metadata context in Database Forensics. Digital Investigation 5(3-4), 115–123 (2009), www.sciencedirect.com
RBI Rules, http://rbidocs.rbi.org.in/rdocs/content/Pdfs/68787.pdf
RBI Rules, http://rbidocs.rbi.org.in/rdocs/notification/PDFs/PM2212A_II.pdf
Sarbanes-Oxley (SOX) Compliance Checklist SOX-Compliance (2011), https://correlog.com/support-public/SOX-Compliance.pdf
Anti Money Laundering Rules, http://www.dor.gov.in/sites/upload_files/revenue/files/PML%20%28Amendment%29%20Act,%202012.pdf
Bhaskaran, R.: CEO, Indian Institute of Banking and Finance. Anti Money Laundering & Know Your Customer (KYC). Macmillan Publisher India (2012) ISBN 13: 978-0230-33196-9
Shafer, G.: Dempster–Shafer theory (2002)
Sentz, K., Ferson, S.: Combination of Evidence in Dempster–Shafer Theory. Sandia National Laboratories (2002)
Dempster, A.P.: Upper and lower probabilities induced by a multivalued mapping. The Annals of Mathematical Statistics 38(2), 325–339 (1967), doi:10.1214/aoms/1177698950
Khanuja, H.K., Adane, D.S.: Database Security Threats and challenges in Database Forensic: A survey. In: Proceedings of 2011 International Conference on Advancements in Information Technology, AIT 2011 (2011), http://www.ipcsit.com/vol20/33-ICAIT2011-A4072.pdf
Khanuja, H.K., Adane, D.S.: A Framework For Database Forensic Analysis. Published in Computer Science & Engineering: An International Journal (CSEIJ) 2(3) (2012)
Khanuja, H.K., Adane, D.S.: Forensic Analysis of Databases by Combining Multiple Evidences. International Journal of Computers & Technology. Council for Innovative Research 7(3) (2013)
Panigrahi, S., Sural, S., Majumdar, A.K.: Detection of Intrusive Activity in Databases by Combining Multiple Evidences and Belief Update. In: IEEE Symposium on Computational Intelligence in Cyber Security (2009)
Wang, X., Dong, G.: Research on Money Laundering Detection Based on Improved Minimum Spanning Tree Clustering and Its Application. In: Proceedings of the 2009 Second International Symposium on Knowledge Acquisition and Modeling, vol. 02, pp. 62–64. IEEE Computer Society (2009)
Lv, L.-T., Ji, N., Zhang, J.-L.: A RBF neural network model for anti-money laundering. In: International Conference on Wavelet Analysis and Pattern Recognition, ICWAPR 2008. IEEE (2008)
Wang, S.-N., Yang, J.-G.: A Money Laundering Risk Evaluation Method Based on Decision Tree. In: International Conference on Machine Learning and Cybernetics. IEEE (2007)
Tang, J., Yin, J.: Developing an intelligent data discriminating system of anti-money laundering based on SVM. In: International Conference on Machine Learning and Cybernetics, Guangzhou, China, vol. 6, pp. 3453–3457. IEEE (2005)
Srivastava, R.P.: The Dempster-Shafer Theory of Belief Functions for Managing Uncertainties: An Introduction and Fraud Risk Assessment Illustration. Australian Accounting Review 21(3), 282–291
Harrison, K., Srivastava, R.P., Plumlee, R.D.: ‘Auditors’ Evaluations of Uncertain Audit Evidence: Belief Functions versus Probabilities. In: Srivastava, R.P., Mock, T. (eds.) Belief Functions in Business Decisions. STUDFUZZ, vol. 88, pp. 161–183. Physica-Verlag, Springer-Verlag Company, Heidelberg (2002)
Financial Intelligence Unit- India (FIU-IND), http://fiuindia.gov.in/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Khanuja, H.K., Adane, D.S. (2014). Forensic Analysis for Monitoring Database Transactions. In: Mauri, J.L., Thampi, S.M., Rawat, D.B., Jin, D. (eds) Security in Computing and Communications. SSCC 2014. Communications in Computer and Information Science, vol 467. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44966-0_19
Download citation
DOI: https://doi.org/10.1007/978-3-662-44966-0_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-44965-3
Online ISBN: 978-3-662-44966-0
eBook Packages: Computer ScienceComputer Science (R0)