Skip to main content
SpringerLink
Log in

Data damage assessment and recovery algorithm from malicious attacks in healthcare data sharing systems

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

In a data sharing system in a cloud computing environment, such as health care system, peers or data sources execute transactions on-the-fly in response to user queries without any centralized control. In this case confidential data might be intercepted or read by hackers. We cannot consider any centralized control for securing data since we cannot assume any central third party security infrastructure (e.g., PKI) to protect confidential data in a data sharing system. Securing health information from malicious attacks has become a major concern. However, securing the data from attacks sometimes fail and attackers succeed in inserting malicious data. Hence, this presents a need for fast and efficient damage assessment and recovery algorithms. In this paper, we present an efficient data damage assessment and recovery algorithm to delete malicious transactions and recover affected transactions in a data source in a health care system based on the concept of the matrix. We compare our algorithm with other approaches and show the performance results.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

Similar content being viewed by others

References

  1. Libicki M, Fellow S (1995) What is information warfare? United States Government Printing, United States

    Google Scholar 

  2. Chu J, Zihui G, Huber R, Ji P, Yates J, Yu Y (2012) ALERT-ID: Analyse Logs of the Network Element in Real Time for Intrusion Detection. Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defences

  3. Kurra K, Panda B, Li W, Hu Y (2015) An Agent based approach to perform damage assessment and recovery efficiently after a cyber attack to ensure E-government database security. Proceedings of the 48th Hawaii International Conference on System Sciences

  4. Hutchinsn W (2006) Information warfare and deception. Inf Sci 9:213–223

    Google Scholar 

  5. Hua D, Xiaolin Q, Guineng Z, Ziyue L (2011) SQRM: an effective solution to suspicious users in database. DBKDA 2011: The Third International Conference on Advances in Databases, Knowledge, and Data Applications, St. Maarten, The Netherlands Antilles

  6. Kim T, Wang X, Zeldovich N, Kaashoek M (2010) Intrusion recovery using selective re-execution. Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI ’10), pp. 89–104

  7. Chakraborty A, Majumdar A, Sural S (2010) A column dependency based approach for static and dynamic recovery of databases from malicious transactions. Int J Inf Secur (ACM) 9(1):51–67

    Article  Google Scholar 

  8. Panda B, Zhou J (2003) Database damage assessment using a matrix based approach: An intrusion response system. Proceedings of the 7th International Database Engineering and Applications Symposium (IDEAS 2003), pp. 336–341

  9. Panda B, Perrizo W Haraty RA (1994) Secure transaction management and query processing in multilevel secure database systems. Proceedings of the Symposium on Applied Computing. Phoenix, AZ, pp. 363–368

  10. Ning P, Jajodia S (2004) Intrusion detection techniques. Internet Encycl 2:355–368

    Google Scholar 

  11. Megan B (1999) Information warfare: What and how? Carnegie Mellon School of Computer Science. Retrieved from http://www.cs.cmu.edu/~burnsm/InfoWarfare.html

  12. Haeni R (1997) Information warfare an introduction. The George Washington University, Washington DC

    Google Scholar 

  13. Panda B, Haque KA (2002) Extended data dependency approach: a robust way of rebuilding database. Proceedings of the 2002 ACM Symposium on Applied Computing, pp. 445–452

  14. Panda B, Gordano J (1998) Reconstructing the database after electronic attacks. Proceedings of the IFIP TC11 WG 11.3 Twelfth International Working Conference on Database Security XII: Status and Prospects

  15. Ammann P, Jajodia S, Liu P (2002) Recovery from malicious transactions. IEEE Trans Knowl Data Eng 14(5):1167–1185

    Article  Google Scholar 

  16. Fu G, Zhu H, Feng Y, Zhu Y, Shi J, Chen M (2008) Fine grained transaction log for data recovery in database system. Third Asia-Pacific Trusted Infrastructure Technologies Conference (IEEE), Washington, DC, USA

  17. Lomet D, Vagena Z, Barga R (2006) Recovery from “Bad” user transactions. SIGMOD, June 27–29, Chicago, Illinois, USA

  18. Ragothaman P, Panda B (2002) Analyzing transaction logs for effective damage assessment. Proceedings of the 16th Annual IFPI WG 11.3 Working Conference on Database and Application Security, pp. 121–134

  19. Haraty RA, Zeitunlian A (2007) Damage assessment and recovery from malicious transactions using data dependency. ISESCO J Sci Technol 3(4):43–50

    Google Scholar 

  20. Zhou J, Panda B, Hu Y (2004) Succinct and fast accessible data structures for database damage assessment. In: Gosh R, Mohanty H (eds) Distributed computing and internet technology. Springer, Berlin, pp 111–119

    Google Scholar 

  21. Zhou J, Panda B (2005) A log independent distributed database damage assessment model. Proceedings of the 2005 I.E. Workshop on Information Assurance and Security, pp. 302–309

  22. Xie M, Zhu H, Feng Y, Hu G (2008) Tracking and repairing damaged databases using before image table. Japan-China Joint Workshop on Frontier of Computer Science and Technology (IEEE), pp. 36–41

  23. Liu P, Yu M (2011) Damage assessment and repair in attack resilient distributed database systems. Assoc Comput Mach (ACM) 33(1):96–107

    Google Scholar 

  24. Lala C, Panda B (2001) Evaluating damage from cyber-attacks: a model and analysis. IEEE Trans Syst Man Cybern 31(4):300–310

    Article  Google Scholar 

  25. Ray I, McConnell R, Lunacek M, Kumar V (2004) Reducing damage assessment latency in survivable databases. In: Howard W, Lachlan M (eds) Key technologies for data management. Springer, Berlin, pp 106–111

    Chapter  Google Scholar 

  26. Gray J, Reuter A (1993) Transaction processing concepts and techniques. Morgan Kaufmann, San Francisco

    MATH  Google Scholar 

  27. Bernstein P, Hadzilacos V, Goodman N (1987) Concurrency control and recovery in database systems. Addison-Wesley, Massachusetts

    Google Scholar 

  28. Microsoft Corporation – Northwind and Pubs Sample Databases for SQL Server 2000 (2015) http://www.microsoft.com/en-us/download/details.aspx?id=23654. Retrieved on 10 Mar 2015

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Mathematics, Lebanese American University, Beirut, Lebanon

    Ramzi A. Haraty & Mirna Zbib

  2. Department of Computer Science, Taif University, Taif, Saudi Arabia

    Mehedi Masud

Authors
  1. Ramzi A. Haraty
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mirna Zbib
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mehedi Masud
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ramzi A. Haraty.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Haraty, R.A., Zbib, M. & Masud, M. Data damage assessment and recovery algorithm from malicious attacks in healthcare data sharing systems. Peer-to-Peer Netw. Appl. 9, 812–823 (2016). https://doi.org/10.1007/s12083-015-0361-z

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-015-0361-z

Keywords

Search

Navigation