ABSTRACT
The growth of databases as a means of storing critical data has made them an inviting target for criminal activity, which in turn has brought about the emerging area of database forensics. However, research in this area is just beginning, and few methods and tools designed for database forensic analysis exist at this time. Following a database security incident, it is essential to learn what data was exposed or damaged so that steps can be taken to mitigate the situation. The data cache, Structured Query Language (SQL) cache, and transaction log may contain important database forensic information. Research into database forensics has resulted in the development of some practical methods, as well as opened up potential areas for future database design. The future of database forensics lies not just in development of methods and tools but also in developing a thorough knowledge of database processes in order to advance the developing area of database forensics.