A Multi-version Database Damage Assessment Model

Kranthi Kurra, Brajendra Panda, Yi Hu

Abstract

Unauthorized data access and malicious data corruption can have very deleterious impact on an organization. To minimize the effect fast and accurate damage assessment and appropriate recovery must be performed as soon as such an attack is detected. This research focuses on damage assessment procedures using multi-version data in the Database System. By utilizing the proposed multi-version data scheme, it is possible to eliminate the impact of malicious database transactions by providing appropriate versions of data items to transactions during damage assessment procedure.

References

  1. Defending America's cyberspace: National plan for information system protection, version 1.0. The White House, Washington, DC, 2000.
  2. D. Barbara, R. Goel, and S. Jajodia. Mining Malicious Data Corruption with Hidden Markov Models. In Proceedings of the 16th Annual IFIP WG 11.3 Working Conference on Data and Application Security, Cambridge, England, July 2002.
  3. Y. Hu and B. Panda. Identification of Malicious Transactions in Database Systems. In Proceedings of the 7th International Database Engineering and Applications Symposium July, 2003.
  4. P. Ammann, S. Jajodia, C.D. McCollum, and B.T. Blaustein. Surviving information warfare attacks on databases. In Proceedings of the IEEE Symposium on Security and Privacy, pages 164--174, Oakland, CA, May 1997.
  5. P. Liu, P.Ammann, and S. Jajodia. Rewriting Histories: Recovering from Malicious Transactions. In Distributed and Parallel Databases, Vol. 18, No. 1, pages 7-40, January 2000.
  6. C. Lala and B. Panda. Evaluating Damage from Cyber Attacks: A Model and Analysis. IEEE Transactions on System, Man, and Cybernetics - Part A, Special Issue on Information Assurance, Vol. 31, No. 4, July 2001.
  7. M. Yu, P. Liu, W. Zang, Multi-Version Data Objects Based Attack Recovery of Workflows, Proc. 19th Annual Computer Security Applications Conference (ACSAC 7803), Las Vegas, Dec, 2003, pages 142-151.
  8. Y. Hu and B. Panda, A Data Mining Approach for Database Intrusion Detection, In Proceedings of the 19th ACM Symposium on Applied Computing, Nicosia, Cyprus, Mar. 2004.
  9. X. Jia, S. Zhang, J. Jing, and P. Liu, “Using Virtual Machines to Do Cross-Layer Damage Assessment”, In the Proceedings of ACM Workshop on Virtual Machine Security, in association with ACM CCS, 2008.
  10. P. Liu and M. Yu. Damage assessment and repair in attack resilient distributed database systems. Computer Standards and Interfaces, 33:96-107, January 2011.
Download


Paper Citation


in Harvard Style

Kurra K., Panda B. and Hu Y. (2013). A Multi-version Database Damage Assessment Model . In Proceedings of the 10th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2013) ISBN 978-989-8565-64-8, pages 100-108. DOI: 10.5220/0004590501000108


in Bibtex Style

@conference{wosis13,
author={Kranthi Kurra and Brajendra Panda and Yi Hu},
title={A Multi-version Database Damage Assessment Model},
booktitle={Proceedings of the 10th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2013)},
year={2013},
pages={100-108},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004590501000108},
isbn={978-989-8565-64-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 10th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2013)
TI - A Multi-version Database Damage Assessment Model
SN - 978-989-8565-64-8
AU - Kurra K.
AU - Panda B.
AU - Hu Y.
PY - 2013
SP - 100
EP - 108
DO - 10.5220/0004590501000108