A data damage tracking quarantine and recovery (DTQR) scheme for mission-critical database systems

Bai, Kun; Liu, Peng

doi:10.1145/1516360.1516443

Cited by 12 publications

(11 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…AIMS can be used as a middle-layer between the transactional database and the application to perform automatic intrusion response and recovery independently from the running applications. The most relevant work close to AIMS is given in [13], [10] that proposes an online damage tracking and quarantine mechanism to increase the survivability of single-tenant databases. The authors propose a multi-pass recovery procedure to ensure that all the corrupted data objects are recovered.…”

Section: Related Workmentioning

confidence: 99%

A Security and Performance Driven Architecture for Cloud Data Centers

Felemban,

Daghistani,

Javeed

et al. 2020

Preprint

View full text Add to dashboard Cite

With the growing cyber-security threats, ensuring the security of data in Cloud data centers is a challenging task. A prominent type of attack on Cloud data centers is data tampering attack that can jeopardize the confidentiality and the integrity of data. In this article, we present a security and performance driven architecture for these centers that incorporates an intrusion management system for multi-tenant distributed transactional databases. The proposed architecture uses a novel data partitioning and placement scheme based on damage containment and communication cost of distributed transactions. In addition, we present a benchmarking framework for evaluating the performance of the proposed architecture. The results illustrate a trade-off between security and performance goals for Cloud data centers.

show abstract

Section: Related Workmentioning

confidence: 99%

A Security and Performance Driven Architecture for Cloud Data Centers

Felemban,

Daghistani,

Javeed

et al. 2020

Preprint

View full text Add to dashboard Cite

show abstract

“…We often use PIMS k BFA, PIMS k BA, PIMS k RA, and PIMS k SA to differentiate between the assignment techniques as needed. The performance of PIMS is compared against PIMS 1 (denoted by One IB) and ITDB [21]. We use a workload of 5000 transactions to conduct the experiments, unless stated otherwise.…”

Section: Pims Performance Evaluationmentioning

confidence: 99%

“…In [5], a suite of recovery algorithms is proposed to unwind the effect of malicious transactions for offline and online recovery. In [6], [21], the authors present ITDB and DTQR, respectively, that implement the recovery algorithms in [5] on top of a Commercial-Off-The-Shelf DBMS. In [33], a damage assessment and repair system, termed Phoenix, is introduced.…”

Section: Related Workmentioning

confidence: 99%

Design and Evaluation of A Data Partitioning-Based Intrusion Management Architecture for Database Systems

Felemban,

Javeed,

Kobes

et al. 2018

Preprint

View full text Add to dashboard Cite

Data-intensive applications exhibit increasing reliance on Database Management Systems (DBMSs, for short). With the growing cyber-security threats to government and commercial infrastructures, the need to develop high resilient cyber systems is becoming increasingly important. Cyber-attacks on DBMSs include intrusion attacks that may result in severe degradation in performance. Several efforts have been directed towards designing an integrated management system to detect, respond, and recover from malicious attacks. In this paper, we propose a data Partitioning-based Intrusion Management System (PIMS, for short) that can endure intense malicious intrusion attacks on DBMS. The novelty in PIMS is the ability to contain the damage into data partitions, termed Intrusion Boundaries (IBs, for short). The IB Demarcation Problem (IBDP, for short) is formulated as a mixed integer nonlinear programming. We prove that IBDP is NP-hard. Accordingly, two heuristic solutions for IBDP are introduced. The proposed architecture for PIMS includes novel IB-centric response and recovery mechanisms, which executes compensating transactions. PIMS is prototyped within PostgreSQL, an open-source DBMS. Finally, empirical and experimental performance evaluation of PIMS are conducted to demonstrate that intelligent partitioning of data tuples improves the overall availability of the DBMS under intrusion attacks.

show abstract

“…Due to the mechanism of maintaining a transaction dependency graph in the executing period, the process for recovery could be quite efficient. A prototype system Phoenix based on this model was also developed using PostgreSQL DBMS [11][12][13][14][15] . However, the model depends on the mechanism of Multi-Version Concurrency Control (MVCC) of the PostgreSQL DBMS and could not be applied to common database systems.…”

mentioning

confidence: 99%

Dynamic Damage Recovery for Web Databases

Zhu

Feng

2010

J. Comput. Sci. Technol.

View full text Add to dashboard Cite

In the web context, there is an urgent need for a self-healing database system which has the ability to automatically locate and undo a set of transactions that are corrupted by malicious attacks. The metrics of survivability and availability require a database to provide continuous services during the period of recovery, which is referred to as dynamic recovery. In this paper, we present that an extended read operation from a corrupted data would cause damage spreading. We build a fine grained transaction log to record the extended read and write operations while user transactions are processing. Based on that, we propose a dynamic recovery system to implement the damage repair. The system captures damage spreading caused by extended read-write dependency between transactions. It also retains the execution results for blind write transactions and gives a solution to the issues of recovery conflicts caused by forward recovery. Moreover, a confinement activity is imposed on the in-repairing data to prevent a further damage propagation while the data recovery is processing. The performance evaluation in our experiments shows that the system is reliable and highly efficient.

show abstract

A data damage tracking quarantine and recovery (DTQR) scheme for mission-critical database systems

Cited by 12 publications

References 24 publications

A Security and Performance Driven Architecture for Cloud Data Centers

A Security and Performance Driven Architecture for Cloud Data Centers

Design and Evaluation of A Data Partitioning-Based Intrusion Management Architecture for Database Systems

Dynamic Damage Recovery for Web Databases

Contact Info

Product

Resources

About