The Overview of Database Security Threats’ Solutions: Traditional and Machine Learning

Abstract: As an information-rich collective, there are always some people who choose to take risks for some ulterior purpose and others are committed to finding ways to deal with database security threats. The purpose of database security research is to prevent the database from being illegally used or destroyed. This paper introduces the main literature in the field of database security research in recent years. First of all, we classify these papers, the classification criteria are the influencing factors of database … Show more

“…However, it will achieve specific error prediction for specific input samples with backdoor triggers. Since backdoors can be hidden indefinitely until samples with specific backdoor triggers activate them, it brings serious security risks to the Federated learning system [3].…”

“…In practical usage scenarios, there are three commonly used attack methods: direct, indirect, and mixed. Direct attack refers to the attacker locking the target node by providing fake sensor data and directly injecting maliciously modified toxic data into the target node; Indirect attack refers to an attacker who, under the condition of not being able to inject toxic data into any target node, utilizes vulnerabilities such as communication protocol flaws in the device to indirectly affect the target node by injecting toxic data into other nodes; Hybrid attacks are a combination of direct and indirect attacks, where attackers can inject toxic data directly or indirectly into the target node [3].…”

“…As shown in Table 1,model poisoning attack mainly refers to that the attacker disturbs the Federated learning process by sending wrong parameters or destroying the model before sending the local model update to the server and obtaining information by reasoning [3]. For example, by controlling the update parameters transmitted by the learning participants to the server, the model parameter trend in the whole learning process is affected, and the model's convergence rate is reduced.…”

“…In Federated learning, since each learning participant can directly affect the weight of the shared model, attackers can easily poison the shared model, especially when the SecAgg mechanism is introduced into the Federated learning framework; it cannot be guaranteed that the updated data of each learning participant is checked and the parameters after security aggregation can be updated locally. Attackers can poison the updated data before sending it to the server or implant a backdoor that attackers can use in the global model [3].…”

“…Many studies show that during the training process, Federated learning still divulges private information to a third party or centralized server during the model update process. There are still many problems in the privacy security of Federated learning, and no unified theoretical system has been formed in terms of privacy protection measures [3]. The main attack methods include backdoor attacks, data poisoning, and model poisoning, all of which aim to modify the local model and prevent the attack from being detected by the server.…”

Federated Learning Security Threats and Defense Approaches

“…However, it will achieve specific error prediction for specific input samples with backdoor triggers. Since backdoors can be hidden indefinitely until samples with specific backdoor triggers activate them, it brings serious security risks to the Federated learning system [3].…”

“…In practical usage scenarios, there are three commonly used attack methods: direct, indirect, and mixed. Direct attack refers to the attacker locking the target node by providing fake sensor data and directly injecting maliciously modified toxic data into the target node; Indirect attack refers to an attacker who, under the condition of not being able to inject toxic data into any target node, utilizes vulnerabilities such as communication protocol flaws in the device to indirectly affect the target node by injecting toxic data into other nodes; Hybrid attacks are a combination of direct and indirect attacks, where attackers can inject toxic data directly or indirectly into the target node [3].…”

“…As shown in Table 1,model poisoning attack mainly refers to that the attacker disturbs the Federated learning process by sending wrong parameters or destroying the model before sending the local model update to the server and obtaining information by reasoning [3]. For example, by controlling the update parameters transmitted by the learning participants to the server, the model parameter trend in the whole learning process is affected, and the model's convergence rate is reduced.…”

“…In Federated learning, since each learning participant can directly affect the weight of the shared model, attackers can easily poison the shared model, especially when the SecAgg mechanism is introduced into the Federated learning framework; it cannot be guaranteed that the updated data of each learning participant is checked and the parameters after security aggregation can be updated locally. Attackers can poison the updated data before sending it to the server or implant a backdoor that attackers can use in the global model [3].…”

“…Many studies show that during the training process, Federated learning still divulges private information to a third party or centralized server during the model update process. There are still many problems in the privacy security of Federated learning, and no unified theoretical system has been formed in terms of privacy protection measures [3]. The main attack methods include backdoor attacks, data poisoning, and model poisoning, all of which aim to modify the local model and prevent the attack from being detected by the server.…”

Federated Learning Security Threats and Defense Approaches

Improved Database Security Using Cryptography with Genetic Operators

HDTSM: Hybrid Dynamic Token-based Security Mechanism for Database Protection in E-Government Service Systems