文章基本信息

标题：A Forensic Analysis Method for Redis Database based on RDB and AOF File
本地全文：下载
作者：Xu, Ming ; Xu, Xiaowei ; Xu, Jian 等
期刊名称：Journal of Computers
印刷版ISSN：1796-203X
出版年度：2014
卷号：9
期号：11
页码：2538-2544
DOI：10.4304/jcp.9.11.2538-2544
语种：English
出版社：Academy Publisher
摘要：Redis is a widely used non-relational and in-memory database system. It holds a large amount of information both in memory and file system, which is of great significance to forensic analysis. This paper mainly proposes a forensic analysis method for Redis based on RDB and AOF file. A method of extracting useful information from RDB backup file is proposed based on the data storage mechanism described in this paper. A method of reconstructing the write operation statements from AOF file is also provided. Finally, the method of directly analyzing data from memory is shown. The experimental results demonstrate the effectiveness of our method. Most of the data could be extracted from RDB and AOF file, which provides important information for forensic investigators.
关键词：redis;nosql;database forensics;digital forensics