Reorganization of the Database Log for Information Warfare Data Recovery

Sobhan, Rumman; Panda, Brajendra

doi:10.1007/978-0-387-35587-0_9

Cited by 15 publications

(14 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…On the other hand, most of the data dependency approaches [27,28] are variants of the approach proposed in [26]. Although these methods succeed in restoring the consistency of a database compromised by some malicious transaction(s), they require maintenance and management of large log size that leads to considerable damage assessment overhead and degradation in regular transaction processing performance.…”

Section: -Database Recovery After Attackmentioning

confidence: 99%

See 1 more Smart Citation

A column dependency-based approach for static and dynamic recovery of databases from malicious transactions

Chakraborty

Majumdar

Sural

2009

Int. J. Inf. Secur.

View full text Add to dashboard Cite

Even state of the art database protection mechanisms often fail to prevent occurrence of malicious attacks. Since in a database environment, the modifications made by one transaction may affect the execution of some of the later transactions, it leads to spreading of the damage caused by malicious (bad) transactions. Following traditional log-based recovery schemes, one can rollback (undo) the effect of all the transactions, both malicious as well as non-malicious. In such a scenario, even the unaffected transactions are also rolled back. In this paper, we propose a column dependencybased approach to identify the affected transactions which need to be compensated along with the malicious transactions. To ensure durability, committed non-malicious transactions are then re-executed in a manner that retains database consistency. We present a static recovery algorithm as well as an on-line version of the same and prove their correctness. A detailed performance evaluation of the proposed scheme with TPC-C benchmark suite is also presented.

show abstract

Section: -Database Recovery After Attackmentioning

confidence: 99%

“…Over the last decade, several methodologies have been proposed to recover consistency from committed malicious transactions [14][15][16][17][18][19][20][21][22][23][24][25][26][27][28]. These approaches can be broadly classified into two categories, namely, transaction dependency and data dependency-based recovery.…”

Section: -Database Recovery After Attackmentioning

confidence: 99%

A column dependency-based approach for static and dynamic recovery of databases from malicious transactions

Chakraborty

Majumdar

Sural

2009

Int. J. Inf. Secur.

View full text Add to dashboard Cite

show abstract

“…Transaction level attacks are not new. They have been studied in a good number of researches [2,8,22]. Transaction level attacks can be done through a variety of ways:…”

Section: The Threat Modelmentioning

confidence: 99%

A data damage tracking quarantine and recovery (DTQR) scheme for mission-critical database systems

Bai

Liu

2009

Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology

View full text Add to dashboard Cite

Database security research aims to protect a database from unintended activities, such as authenticated misuse, malicious attacks. In recent years, surviving DBMS from an attack is becoming even more crucial because networks have become more open and the increasingly critical role that database servers are playing nowadays. Unlike the traditional database failure/attack recovery mechanisms, in this paper, we propose a light-weight dynamic Data Damage Tracking, Quarantine, and Recovery (DT QR) solution. We built the DTQR scheme into the kernel of PostgreSQL. We comprehensively study this approach from a few aspects (e.g., system overhead, impact of the intrusion detection system), and the experimental results demonstrated that our DTQR can sustain an excellent data service while healing the database server when it is under a malicious attack.

show abstract

“…Transaction level attacks are not new. They have been studied in a good number of researches [4][11] [14]. Transaction level attacks can be done through a variety of ways.…”

Section: The Threat Modelmentioning

confidence: 99%