A column dependency-based approach for static and dynamic recovery of databases from malicious transactions

Even state of the art database protection mechanisms often fail to prevent occurrence of malicious attacks. Since in a database environment, the modifications made by one transaction may affect the execution of some of the later transactions, it leads to spreading of the damage caused by malicious (bad) transactions. Following traditional log-based recovery schemes, one can rollback (undo) the effect of all the transactions, both malicious as well as non-malicious. In such a scenario, even the unaffected transactions are also rolled back. In this paper, we propose a column dependency-based approach to identify the affected transactions which need to be compensated along with the malicious transactions. To ensure durability, committed non-malicious transactions are then re-executed in a manner that retains database consistency. We present a static recovery algorithm as well as an on-line version of the same and prove their correctness. A detailed performance evaluation of the proposed scheme with TPC-C benchmark suite is also presented.     

Data damage assessment and recovery algorithm from malicious attacks in healthcare data sharing systems

In a data sharing system in a cloud computing environment, such as health care system, peers or data sources execute transactions on-the-fly in response to user queries without any centralized control. In this case confidential data might be intercepted or read by hackers. We cannot consider any centralized control for securing data since we cannot assume any central third party security infrastructure (e.g., PKI) to protect confidential data in a data sharing system. Securing health information from malicious attacks has become a major concern. However, securing the data from attacks sometimes fail and attackers succeed in inserting malicious data. Hence, this presents a need for fast and efficient damage assessment and recovery algorithms. In this paper, we present an efficient data damage assessment and recovery algorithm to delete malicious transactions and recover affected transactions in a data source in a health care system based on the concept of the matrix. We compare our algorithm with other approaches and show the performance results.     

Recovery from malicious transactions

Preventive measures sometimes fail to deflect malicious attacks. We adopt an information warfare perspective, which assumes success by the attacker in achieving partial, but not complete, damage. In particular, we work in the database context and consider recovery from malicious but committed transactions. Traditional recovery mechanisms do not address this problem, except for complete rollbacks, which undo the work of benign transactions as well as malicious ones, and compensating transactions, whose utility depends on application semantics. Recovery is complicated by the presence of benign transactions that depend, directly or indirectly, on the malicious transactions. We present algorithms to restore only the damaged part of the database. We identify the information that needs to be maintained for such algorithms. The initial algorithms repair damage to quiescent databases; subsequent algorithms increase availability by allowing new transactions to execute concurrently with the repair process. Also, via a study of benchmarks, we show practical examples of how offline analysis can efficiently provide the necessary data to repair the damage of malicious transactions.     

Planning and Implementing Kerberos for Large Distributed Systems Part 1

ABSTRACT

For maintaining the consistency of database, the recovery algorithms traditionally depend on complete rollback to a consistent checkpoint. The recovery problem from committed malicious transactions can be solved by determining the dependencies between the transactions in window of vulnerability. Since the size of transactional log may grow very large, recovery becomes a complex and time-consuming process. In this paper, we propose an approach which incorporates application specific information to determine transactional dependencies. The approach is applied to column based transaction dependency to obtain better performance. The system is implemented at application layer where SQL queries are generated. In recovery phase, we consider only affected and malicious transactions for rollback and skip the good transactions.     

自修复数据库系统日志机制研究

选择性恢复使得一个自修复数据库系统在受到恶意攻击后,只需撤销历史中受到恶意事务感染的那部分操作,无需回滚整段历史,但要求日志机制支持对事务间依赖关系的追踪及前像数据的长期保存。通过分析传统日志机制的不足以及现有原型系统实现方法存在的问题,提出了一种新的日志结构。该日志包含事务依赖信息,并以前像表代替传统日志机制中的回滚段。给出了基于该日志结构的数据库恢复方法,并在时间和空间开销方面对本方法与其它方法进行了分析和比较。     

Transaction Fusion: A Model for Data Recovery from Information Attacks

The escalation of electronic attacks on databases in recent times demands fast and efficient recovery methods. The existing recovery techniques are too time-consuming as they first undo all malicious and affected transactions individually, and then redo all affected transactions, again, individually. In this paper, we propose a method that accelerates the undo and redo phases of the recovery. The method developed involves combining or fusing malicious or affected transactions occurring in groups. These fused transactions are executed during undo and redo phases instead of execution of individual transactions. By fusing relevant transactions into a single transaction, the number of operations such as start, commit, read, and write are minimized. Thus, data items which were required to be accessed multiple times in case of individual transactions are accessed only once in a fused transaction. The amount of log I/O's is reduced. This expedites the recovery procedure in the event of information attacks. A simulation analysis of the proposed model confirmed our claim.     

Dynamic Damage Recovery for Web Databases

In the web context, there is an urgent need for a self-healing database system which has the ability to auto- matically locate and undo a set of transactions that are corrupted by malicious attacks. The metrics of survivability and availability require a database to provide continuous services during the period of recovery, which is referred to as dynamic recovery. In this paper, we present that an extended read operation from a corrupted data would cause damage spread- ing. We build a fine grained transact...     

Detecting intrusion transactions in database systems:a novel approach

The security of computers and their networks is of crucial concern in the world today. One mechanism to safeguard information stored in database systems is an Intrusion Detection System (IDS). The purpose of intrusion detection in database systems is to detect malicious transactions that corrupt data. Recently researchers are working on using data mining techniques for detecting such malicious transactions in database systems. Their approach concentrates on mining data dependencies among data items. However, the transactions not compliant with these data dependencies are identified as malicious transactions. Algorithms that these approaches use for designing their data dependency miner have limitations. For instance, they need to experimentally determine appropriate settings for minimum support and related constraints, which does not necessarily lead to strong data dependencies. In this paper we propose a new data mining algorithm, called the Optimal Data Access Dependency Rule Mining (ODADRM), for designing a data dependency miner for our database IDS. ODADRM is an extension of k-optimal rule discovery algorithm, which has been improved to be suitable in database intrusion detection domain. ODADRM avoids many limitations of previous data dependency miner algorithms. As a result, our approach is able to track normal transactions and detect malicious ones more effectively than existing approaches.     

Garbage collection in object-oriented databases using transactional cyclic reference counting

Garbage collection is important in object-oriented databases to free the programmer from explicitly deallocating memory. In this paper, we present a garbage collection algorithm, called Transactional Cyclic Reference Counting (TCRC), for object-oriented databases. The algorithm is based on a variant of a reference-counting algorithm proposed for functional programming languages The algorithm keeps track of auxiliary reference count information to detect and collect cyclic garbage. The algorithm works correctly in the presence of concurrently running transactions, and system failures. It does not obtain any long-term locks, thereby minimizing interference with transaction processing. It uses recovery subsystem logs to detect pointer updates; thus, existing code need not be rewritten. Finally, it exploits schema information, if available, to reduce costs. We have implemented the TCRC algorithm and present results of a performance study of the implementation. Received January 1, 1998 / Accepted May 27, 1998     

自修复数据库选择性恢复机制

选择性恢复使得自修复数据库在发生用户错误操作或入侵事务导致的故障之后,只撤销错误操作或入侵事务以及受感染的可疑事务,而保留未受感染的合法事务.提出一种新的选择性恢复机制,使用事务依赖日志、写操作日志和事务语句日志,分别记录事务间的依赖关系、事务写操作的前像数据和事务执行语句,在故障发生后,可以使数据库恢复到故障发生前一...