Abstract
Traditional secure database systems rely on preventive controls and are very limited in surviving malicious attacks because of intrusion detection deficiencies. ITDB, an Intrusion Tolerant Database prototype system, has been proposed; it can detect intrusions and repair the damage caused by intrusions in a timely manner. In this paper, we evaluate ITDB using the TPC-C benchmark. The performance measurements show that the ITDB system is cost-effective within reasonable False Alarm Rate and Detection Latency ranges. Our experimental results also indicate that ITDB can achieve good survivability without being seriously affected by various intrusion detection deficiencies. It can provide essential database services in the presence of attacks, and maintain the desired essential (security) properties such as integrity and performance.
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, H., Liu, P., Li, L. (2004). Evaluating the Impact of Intrusion Detection Deficiencies on the Cost-Effectiveness of Attack Recovery. In: Zhang, K., Zheng, Y. (eds) Information Security. ISC 2004. Lecture Notes in Computer Science, vol 3225. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30144-8_13
DOI: https://doi.org/10.1007/978-3-540-30144-8_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23208-7
Online ISBN: 978-3-540-30144-8
eBook Packages: Springer Book Archive