The design of an adaptive intrusion tolerant database system

Luenam, Pramote; Liu, Peng

doi:10.1109/fits.2003.1264925

Cited by 23 publications

(17 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, we would like to point out that CoBFIT is a more general framework that can potentially facilitate the creation of other kinds of intrusion-tolerant systems. For example, the CoBFIT framework components can also facilitate the building of an intrusion-tolerant database system, such as the one mentioned in [15].…”

Section: Related Workmentioning

confidence: 99%

“…Reconfigurability is one of the design principles of CoBFIT that resulted from the realization that different intrusion-tolerant systems require different sets of protocols that may have to be reconfigured (without requiring modification, recompilation, or re-linking of the program itself, or shutting down and restarting of the CoBFIT system) when responding to attacks. It is a key capability that is required by intrusiontolerant systems that adapt to attacks by changing the security posture and switching to increased levels of alertness (e.g., AITDB [15], ITUA [3]). …”

Section: Framework Componentsmentioning

confidence: 99%

See 1 more Smart Citation

CoBFIT: A component-based framework for intrusion tolerance

Ramasamy

Agbaria

Sanders

2004

Proceedings. 30th Euromicro Conference, 2004.

View full text Add to dashboard Cite

In this paper, we present the architecture of CoBFIT, a component-based framework for building intrusion-tolerant distributed systems. The CoBFIT framework, by virtue of its design and implementation principles, can serve as a convenient base for building components that implement intrusion-tolerant protocols and for combining these components in an efficient manner to provide a number of services for dependability. For example, in this paper, we describe the CoBFIT implementation of a prototype intrusiontolerant group communication system that includes services such as reliable multicast, group membership management, and total ordering of multicast messages.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Framework Componentsmentioning

confidence: 99%

CoBFIT: A component-based framework for intrusion tolerance

Ramasamy

Agbaria

Sanders

2004

Proceedings. 30th Euromicro Conference, 2004.

View full text Add to dashboard Cite

show abstract

“…The adaptations are triggered under three possible situations: (a) when the Emergency Analyzer reports an emergency to the SSM, (b) when the SSM pulls some situation data from the components, and (c) when the components push some situation data to the SSM. Readers can refer to [LL02] for more details about this subsystem.…”

Section: Figure 11 -Organization Of the Self-stabilization Subsystem mentioning

confidence: 99%

Engineering a Distributed Intrusion Tolerant Database System

Liu¹

2003

View full text Add to dashboard Cite

Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing this collection of information. The primary accomplishment of this project is a new paradigm for secure database system design, intrusion tolerant database systems. In particular, an innovative intrusion tolerant database system framework, denoted ITDB, is developed. While traditional secure database systems rely on preventive controls, ITDB can detect intrusions, isolate attacks, contain, assess and repair the damage caused by intrusions in a timely manner such that a self-stabilized level of data integrity and availability can be provided to applications. Built on top of COTS DBMS, ITDB arms commercial database servers with the ability to deliver sustained valid data access services even in the face of intensive attacks. To validate ITDB, a prototype ITDB system is designed and implemented. The prototype is a seamless integration of five major subsystems, namely the Malicious Transaction Detection subsystem, the Attack Recovery subsystem, the Attack Isolation subsystem, the Damage Containment subsystem, and the Self-Stabilization subsystem. Extensive evaluation of the prototype based on practical database applications, simulated workload and injected attacks is done. Preliminary testing measurements suggest that when the accuracy of the intrusion detector is satisfactory, ITDB can effectively tolerate database intrusions with reasonable performance penalty.

show abstract

“…As explained in the previous section, neither attack isolation nor multiphase damage containment techniques presents a method to determine anomaly threshold adaptively based on the change of environmental conditions, which controls false alarm. Luenam et al presented an adaptive controller to solve this problem [14]. This adaptive controller aims to improve the adaptation of an ITDB system so that the trustworthiness-to-cost range settles at an appropriate level.…”

Section: The False Alarm Controllermentioning

confidence: 99%

“…These attacks are usually done through web applications which have vast accessibility [1,2,25]. For confronting with such attacks, we need mechanisms like intrusion tolerant database systems [3,4,5].…”

Section: Introductionmentioning

confidence: 99%

Controlling The False Alarm In An Intrusion Tolerant Database System Using Significance Degrees Of Data Objects

Falahiazar¹,

Rohani²,

Falahiazar³

2014

J. Math. Computer Sci.

View full text Add to dashboard Cite

Traditional database security mechanisms focus on either protection or prevention. However, in practice all attacks are not avoidable. To solve this problem, Intrusion Tolerant Database Systems (ITDBs) were introduced. An ITDB uses new generation database security mechanisms to guarantee specified levels of data availability, integrity and confidentiality in the presence of successful attacks. A key part of an ITDB is the intrusion detection (ID) which informs the system about attacks. One of the problems in using ID is the false alarm that will lead to the reduction of the "availability" or "integrity". This paper presents an intelligent method to control false alarm. In this method, we will use the significance degrees of data objects to determine the anomaly threshold adaptively, as the "availability" and "integrity" required by the data objects are satisfied.

show abstract

The design of an adaptive intrusion tolerant database system

Cited by 23 publications

References 8 publications

CoBFIT: A component-based framework for intrusion tolerance

CoBFIT: A component-based framework for intrusion tolerance

Engineering a Distributed Intrusion Tolerant Database System

Controlling The False Alarm In An Intrusion Tolerant Database System Using Significance Degrees Of Data Objects

Contact Info

Product

Resources

About