Skip to main content
SpringerLink
Log in

A column dependency-based approach for static and dynamic recovery of databases from malicious transactions

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Even state of the art database protection mechanisms often fail to prevent occurrence of malicious attacks. Since in a database environment, the modifications made by one transaction may affect the execution of some of the later transactions, it leads to spreading of the damage caused by malicious (bad) transactions. Following traditional log-based recovery schemes, one can rollback (undo) the effect of all the transactions, both malicious as well as non-malicious. In such a scenario, even the unaffected transactions are also rolled back. In this paper, we propose a column dependency-based approach to identify the affected transactions which need to be compensated along with the malicious transactions. To ensure durability, committed non-malicious transactions are then re-executed in a manner that retains database consistency. We present a static recovery algorithm as well as an on-line version of the same and prove their correctness. A detailed performance evaluation of the proposed scheme with TPC-C benchmark suite is also presented.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Ammann P., Jajodia S., Mavuluri P.: On-the-fly reading of entire databases. IEEE Trans. Knowl. Data Eng. 7(5), 834–838 (1995)

    Article  Google Scholar 

  2. Korth, H.F., Levy, E., Silberschatz, A.: A formal approach to recovery by compensating transactions. In: VLDB J., pp. 95–106 (1990)

  3. Garcia-Molina H.: Using semantic knowledge for transaction processing in a distributed database. ACM Trans. Database Syst. 8(2), 186–213 (1983)

    Article  Google Scholar 

  4. Garcia-Molina, H., Salem, K.: Sagas. In: Proceedings of the Association for Computing Machinery Special Interest Group on Management of Data 1987 Annual Conference, pp. 249–259 (1987)

  5. Weikum G., Vossen G.: Transactional Information Systems: Theory, Algorithms, and the Practice of Concurrency Control and Recovery. Morgan Kaufmann, Los Altos (2002)

    Google Scholar 

  6. Fugini M., Castano S.: Database Security. ACM Press, New York (1994)

    Google Scholar 

  7. Sandhu R., Chen F.: The multilevel relational (mlr) data model. ACM Trans. Inf. Syst. Secur. 1(1), 93–132 (1998)

    Article  Google Scholar 

  8. Atluri V., Jajodia S., George B.: Multilevel Secure Transaction Processing. Kluwer, Dordrecht (1999)

    Google Scholar 

  9. Hu, Y., Panda, B.: A data mining approach for database intrusion detection. In: SAC’04, Proceedings of the 2004 ACM Symposium on Applied Computing, New York, pp. 711–716. ACM Press (2004)

  10. Zhong, Y., Qin, X.: Database intrusion detection based on user query frequent itemsets mining with item constraints. In: InfoSecu ’04 Proceedings of the 3rd International Conference on Information Security, New York, pp. 224–225. ACM Press (2004)

  11. Bertino E., Sandhu R.: Database security concepts, approaches, and challenges. IEEE Trans. Dependable Secur. Comput. 2(1), 2–19 (2005)

    Article  Google Scholar 

  12. Lazarevic A., Kumar V., Srivastava J.: Intrusion detection: a survey. Manag. Cyber Threat. Issues Approaches Chall. 5, 19–78 (2005)

    Article  Google Scholar 

  13. Panigrahi S., Sural S., Majumdar A.K.: Detection of intrusive activity in databases by combining multiple evidences and belief update. In: IEEE Symposium on Computational Intelligence in Cyber Security, Tennessee, pp. 83–90. IEEE (2009)

  14. Ammann P., Jajodia S., Liu P.: Recovery from malicious transactions. IEEE Trans. Knowl. Data Eng. 14(5), 1167–1185 (2002)

    Article  Google Scholar 

  15. Jajodia S., McCollum C.D., Ammann P.: Trusted recovery. Commun. ACM 42(7), 71–75 (1999)

    Article  Google Scholar 

  16. Liu P.: Itdb, an attack self-healing database system prototype. In: 3rd DARPA information survivability conference and exposition (DISCEX-III 2003), Washington, pp. 131–133. IEEE Computer Society (2003)

  17. Liu P., Jing J., Luenam P., Wang Y., Li L., Ingsriswang S.: The design and implementation of a self-healing database system. J. Intell. Inf. Syst. 23(3), 247–269 (2004)

    Article  MATH  Google Scholar 

  18. Smirnov, A., Chiueh, T.: A portable implementation framework for intrusion-resilient database management systems. In: Proceedings of DSN 2004. Florence (2004)

  19. Panda, B., Zhou, J.: Database damage assessment using a matrix-based approach: an intrusion response system. In: 7th International Database Engineering and Applications Symposium (IDEAS 2003), pp. 336–341 (2003)

  20. Panda, B., Haque, A.: Extended data dependency approach: a robust way of rebuilding database. In: Proceedings of the 2002 ACM Symposium on Applied Computing (SAC), Madrid, pp. 446–452. ACM (2002)

  21. Ray I., McConnell R. M., Lunacek M., Kumar V.: Reducing damage assessment latency in survivable databases. In: Proceedings of 21st British National Conference on Databases, BNCOD 21, vol. 3112 of LNCS, pp. 106–111. Springer, Berlin (2004)

  22. Yalamanchili R., Panda B.: Transaction fusion: a model for data recovery from information attacks. J. Intell. Inf. Syst. 23(3), 225–245 (2004)

    Article  MATH  Google Scholar 

  23. Liu, P., Hao, X.: Efficient damage assessment and repair in resilient distributed database systems. In: Proceedings of the 15th Annual Working Conference on Database and Application Security, Norwell, pp. 75–89. Kluwer (2002)

  24. Zuo, Y., Panda, B.: Damage discovery in distributed database systems. In: DBSec, pp. 111–123 (2004)

  25. Zhou, J., Panda, B., Hu, Y.: A log independent distributed database damage assessment model. In: Proceedings of the 2005 IEEE Workshop on Information Assurance and Security, pp. 302–309 (2005)

  26. Sobhan, R., Panda, B.: Reorganization of database log for information warfare data recovery. In: IFIP TC11/WG11.3 15th Annual Working Conference on Database and Application Security, Ontario, vol. 215 of IFIP Conference Proceedings, pp. 121–134. Kluwer (2002)

  27. Panda, B., Haque, K. A.: Extended data dependency approach: a robust way of rebuilding database. In: Proceedings of the 2002 ACM Symposium on Applied Computing (SAC), Madrid, pp. 446–452. ACM (2002)

  28. Sobhan, R., Panda, B.: Sequential damage assessment and recovery using semantic logging. In: Proceedings of the 2002 IEEE Workshop on Information Assurance, United States Military Academy, New York. IEEE (2002)

  29. Lomet D.B., Vagena Z., Barga R.S.: Recovery from “bad” user transactions. In: Proceedings of the 2006 ACM SIGMOD Conference, pp. 337–346. ACM (2006)

  30. Ragothaman, P., Panda, B.: Hybrid log segmentation for assured damage assessment. In: SAC ’03: Proceedings of the 2003 ACM Symposium on Applied Computing, pp. 522–527, New York. ACM Press (2003)

  31. Liu, P.: Architectures for intrusion tolerant database systems. In: ACSAC, pp. 311–320 (2002)

  32. Chakraborty A., Garg M.K., Majumdar A.K., Sural S.: Attack recovery from malicious transactions in distributed database systems. Int. J. Inform. Comput. Secur. 2(2), 197–217 (2008)

    Article  Google Scholar 

  33. Halfond, W.G.J., Orso, A.: Amnesia: analysis and monitoring for neutralizing sql-injection attacks. In: 20th IEEE/ACM International Conference on Automated Software Engineering (ASE 2005), Long Beach, pp. 174–183. ACM (2005)

  34. Buehrer, G., Weide, B. W., Sivilotti, P. A. G.: Using parse tree validation to prevent sql injection attacks. In: Proceedings of the 5th International Workshop on Software Engineering and Middleware, SEM 2005, Lisbon, pp. 106–113. ACM (2005)

  35. Bernstein P.A., Hadzilacos V., Goodman N.: Concurrency Control and Recovery in Database Systems. Addison-Wesley Longman, Boston (1987)

    Google Scholar 

  36. TPC-C benchmark. http://www.tpc.org/tpcc/default.asp

  37. Telemedik. http://www.telemedik.iitkgp.ernet.in/

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science & Engineering, Indian Institute of Technology, Kharagpur, India

    Anindya Chakraborty & Arun K. Majumdar

  2. School of Information Technology, Indian Institute of Technology, Kharagpur, India

    Shamik Sural

Authors
  1. Anindya Chakraborty
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Arun K. Majumdar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Shamik Sural
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shamik Sural.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Chakraborty, A., Majumdar, A.K. & Sural, S. A column dependency-based approach for static and dynamic recovery of databases from malicious transactions. Int. J. Inf. Secur. 9, 51–67 (2010). https://doi.org/10.1007/s10207-009-0095-0

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-009-0095-0

Keywords

Search

Navigation