Detection of Suspicious Transactions with Database Forensics and Theory of Evidence

  • Harmeet Kaur Khanuja
  • Dattatraya Adane
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 969)


Suspicious transactions arise from the aim of making illegally obtained money usable for legal purposes while hiding the true source of the funds from government authorities. Illegal transactions are detected using data mining and statistical techniques, with input data such as various reports of suspicious activity or the data set of all transactions within a financial institution. The output is a set of highly suspicious transactions or highly suspicious entities (e.g., persons, organizations, or accounts). In this paper, we propose a database forensics methodology that monitors database transactions through audit logs. A rule-based Bayesian classification algorithm is applied to identify previously undetected illegal transactions and to predict the initial belief that a transaction is suspicious. Dempster-Shafer's theory of evidence is then applied to combine different parameters of the transactions, obtained from the audit logs, to verify the uncertainty and risk level of the suspected transactions. The result is a framework, designed and developed for use as a tool by digital investigators.


Database forensics; Money laundering; Audit logs; Suspicious transactions; Outliers; Dempster-Shafer theory
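The evidence-combination step named in the abstract can be illustrated with Dempster's rule over the two-hypothesis frame {suspicious, normal}. This is an added example, not code from the paper: the mass values are constructed, and the mapping of audit-log parameters to mass functions (classifier belief, amount, access time) is an assumption, since the abstract does not give it.

```python
from itertools import product

S = frozenset({"suspicious"})
N = frozenset({"normal"})
THETA = S | N  # whole frame: mass here means "this source cannot tell"

def combine(m1, m2):
    """Dempster's rule: multiply masses, keep non-empty intersections,
    renormalise by 1 - K where K is the mass that fell on the empty set."""
    joint, conflict = {}, 0.0
    for (a, wa), (b, wb) in product(m1.items(), m2.items()):
        inter = a & b
        if inter:
            joint[inter] = joint.get(inter, 0.0) + wa * wb
        else:
            conflict += wa * wb
    if conflict >= 1.0 - 1e-12:
        # Sources contradict each other completely; the rule is undefined.
        raise ValueError("total conflict: evidence cannot be combined")
    return {k: v / (1.0 - conflict) for k, v in joint.items()}, conflict

def belief(m, hyp):
    """Mass committed to subsets of hyp (lower bound on its probability)."""
    return sum(w for s, w in m.items() if s <= hyp)

def plausibility(m, hyp):
    """Mass not contradicting hyp (upper bound on its probability)."""
    return sum(w for s, w in m.items() if s & hyp)

def assess(evidence):
    """Fuse all mass functions; return (belief, plausibility) of 'suspicious'."""
    fused = evidence[0]
    for m in evidence[1:]:
        fused, _ = combine(fused, m)
    return belief(fused, S), plausibility(fused, S)

# Constructed sample for one transaction (values and parameters are assumptions).
EVIDENCE = [
    {S: 0.6, THETA: 0.4},          # initial belief from the classifier
    {S: 0.5, N: 0.2, THETA: 0.3},  # amount deviates from account history
    {N: 0.3, THETA: 0.7},          # access time looks routine
]

if __name__ == "__main__":
    bel, pl = assess(EVIDENCE)
    print(f"Bel(suspicious)={bel:.4f}  Pl(suspicious)={pl:.4f}")
```

The gap between belief and plausibility is the remaining uncertainty: a wide interval means the audit-log evidence is too weak to rank the transaction either way.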



Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. Marathwada Mitra Mandal’s College of Engineering, Pune, India
  2. Shri Ramdeobaba College of Engineering and Management, Nagpur, India
