XML accounting trail : a model for introducing forensic readiness to XML accounting and XBRL

Please be advised that the site will be down for maintenance on Sunday, September 1, 2024, from 08:00 to 18:00, and again on Monday, September 2, 2024, from 08:00 to 09:00. We apologize for any inconvenience this may cause.

Show simple item record

dc.contributor.advisor Olivier, Martin S. en
dc.contributor.postgraduate Kotze, Dirk J.J. en
dc.date.accessioned 2015-11-25T09:47:01Z
dc.date.available 2015-11-25T09:47:01Z
dc.date.created 2015/09/01 en
dc.date.issued 2015 en
dc.description Dissertation (MSc)--University of Pretoria, 2015. en
dc.description.abstract In the 21st century, our worlds are becoming increasingly digitised and the business world is no exception. Financial transactions and accounting data are stored electronically, allowing for sharing and electronic processing. One of the most popular formats employed to store such data is the eXtensible Markup Language (XML). Together with digitisation, crime involving electronic and digital means (cyber-crime) is rising sharply. Investigating acts of cyber-crime involve specialist skills, called digital forensics. Accounting data stored in XML format is particularly vulnerable to unauthorised data modification (tampering) due XML’s requirement to be human-readable. As a result, cyber-criminals can easily commit fraud or obtain financial gain by tampering with XML financial data in this manner. However, detecting such tampering is extremely difficult due to the so-called big data problem or needle-in-a-haystack problem. This involves searching for a particular item (in this case, the set of changes) in a large set of data (the entire XML accounting data file). To exacerbate the problem, it is not known whether tampering has occurred in any given XML accounting data file, causing one to possibly search for evidence of tampering which does not even exist. Traditional approaches to isolate such tampering is not feasible. Firstly, due to the big data problem, using a sequential search of all data contained in the XML file to detect tampering is not efficient. Also, testing for data tampering using standard accounting rules is not possible, as modified data may still be valid in terms of accounting rules. Detecting data tampering in XML data therefore calls for a novel approach, forming the foundation of this work. This study aims to enable an investigator to determine whether tampering occurred in a specific set of XML financial data as well as reconstructing the events leading to the tampering in order to determine the extent and detail of such tampering. In order enable the detection of potential tampering with data, this study proposes the creation of an automated tool to detect such irregularities in XML financial data. Using the parallel of forensic pathology, it is argued that XML financial data needs to be analysed for any artefacts (irregularities) that are not consistent with known normal (or “healthy”) XML financial accounting data. This study furthermore argues that these artefacts are often noted in patterns, allowing one to attribute potential causality to groups of artefacts. It is also noted that compilers are typically used to parse input and detect any input not conforming to a pre-defined set of rules describing normal input. As a result it is therefore proposed that compilers and similar techniques should be used to protect financial data on the merit of their capabilities regarding parsing of data and error reporting and/or error correction. Furthermore, the work performed as part of this study suggests a means to enable an investigator to reconstruct the events leading to the tampering in order to determine the extent and detail of the tampering. As data regarding the history and extent of changes is typically not retained by either the operating system or the XML data format itself, it is proposed that instrumentation be employed to record the additional data necessary in order to reconstruct events. This is achieved by using a combination of version control and audit logging to ensure that data is available to reconstruct tampering events. The XML Accounting Trail Model is therefore proposed to collect data about all modifications affecting the file containing XML accounting data. The model also proposes the combination of digital signatures and a reference monitor to ensure that all changes to the XML data files are recorded and that the XML Accounting Trail Model cannot be circumvented by direct editing of the XML file. en
dc.description.availability Unrestricted en
dc.description.degree MSc en
dc.description.department Computer Science en
dc.description.librarian tm2015 en
dc.identifier.citation Kotze, DJ 2015, XML accounting trail : a model for introducing forensic readiness to XML accounting and XBRL, MSc Dissertation, University of Pretoria, Pretoria, viewed yymmdd <http://hdl.handle.net/2263/50646> en
dc.identifier.other S2015 en
dc.identifier.uri http://hdl.handle.net/2263/50646
dc.language.iso en en
dc.publisher University of Pretoria en_ZA
dc.rights © 2015 University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. en
dc.subject UCTD en
dc.subject Cyber-crime
dc.subject Data irregularity
dc.subject Digital forensics
dc.subject Forensic readiness
dc.subject XML accounting
dc.subject XML
dc.subject XBRL (eXtensible Business Reporting Language)
dc.subject.other Engineering, built environment and information technology theses SDG-08
dc.subject.other SDG-08: Decent work and economic growth
dc.subject.other Engineering, built environment and information technology theses SDG-09
dc.subject.other SDG-09: Industry, innovation and infrastructure
dc.subject.other Engineering, built environment and information technology theses SDG-16
dc.subject.other SDG-16: Peace, justice and strong institutions
dc.title XML accounting trail : a model for introducing forensic readiness to XML accounting and XBRL en
dc.type Dissertation en


Files in this item

This item appears in the following Collection(s)

Show simple item record