Abstract
The age of Internet technology has introduced new types of attacks to new assets that did not exist before. Databases that represent information assets are subject to attacks that have malicious intentions, such as stealing sensitive data, deleting records or violating the integrity of the database. Many counter measures have been designed and implemented to protect the databases and the information they host from attacks. While preventive measures could be overcome and detection measures could detect an attack late after damage has occurred, there is a need for a recovery algorithm that will recover the database to its correct previous state before the attack. Numerous damage assessment and recovery algorithms have been proposed by researchersIn this work, we present an efficient lightweight detection and recovery algorithm that is based on the matrix approach and that can be used to recover from malicious attacks. We compare our algorithm with other approaches and show the performance results.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Ammann P, Jajodia S, Liu P (2002) Recovery from malicious transactions. IEEE Trans Knowl Data Eng 14:1167–1185
Bai K, Liu P (2009) A data damage tracking quarantine and recovery (DTQR) scheme for mission-critical database systems. In: Proceedings of the 12th international conference on extending database technology: advances in database technology (EDBT ’09), pp 720–731
Bernstein P, Hadzilacos V, Goodman N (1986) Concurrency control and recovery in database systems. Addison Wesley, London
Chakraborty A, Majumdar A, Sural S (2009) A column dependency based approach for static and dynamic recovery of databases from malicious transactions. Int J Inf Secur 9:51–67
Chalurkar S, Kakade S, Khochare N, Meshramm B (2011) Survey on SQL injection attacks and their countermeasures. IJC EM Int J Comput Eng Manag 14:2230–7893
Christian R, Ryan M, Wohlrabe J (2001) Handwashing and respiratory illness among young adults in military training. Am J Prev Med 21:79–83
Feng Y, Hu G, Xie M, Zhu H (2008) Tracking and repairing damaged databases using before image table. In: Japan–China joint workshop on frontier of computer science and technology, pp 36–41
Gray J, Reuter A (1993) Transaction processing concepts and techniques. Morgan Kaufmann, Los Altos
Haraty R, Zeitunlian A (2007) Damage assessment and recovery from malicious transactions using data dependency for defensive information warfare. ISESCO Sci Technol Vis 3:43–50
Haraty R, Zbib M (2014) A matrix-based damage assessment and recovery algorithm. In: Innovations for community services (I4CS), pp 22–27
Haraty R, Zbib M, Masud M (2015) Data damage assessment and recovery algorithm from malicious attacks in healthcare data sharing systems. J Peer-to-Peer Netw Appl. doi:10.1007/s12083-015-0361-z
Hu Y, Panda B, Zhou J (2005) Succinct and fast accessible data structures for database damage assessment. In: Ghosh R, Mohanty H (eds) Distributed computing and internet technology, vol 3347. Springer, Berlin, pp 111–119
Hutchinson W, Warren W (2001) Information warfare: corporate attack and defense in a digital world. Butterworth-Heinemann, Oxford
Ji Q, Le J, Xia X (2012) Research on transaction dependency mechanism of self-healing database system. In: Proceedings of international conference on systems and informatics, pp 2357–2360
Kaddoura S, Haraty R, Zekri A, Masud M (2015) Tracking and repairing damaged healthcare databases using the matrix. Int J Distrib Senor Netw
Kumar C, Ramesh D, Kumar V (2013) A resilient failure evaluation and patch-up (R-FEP) algorithm for heterogeneous distributed databases. Int J Comput Appl 62:20–25
Megan B (2015) Information warfare: what and how? http://www.cs.cmu.edu/~burnsm/InfoWarfare.html
Panda B, Tripathy S (2000) Data dependency based logging for defensive information warfare. In: Proceedings of the 2000 ACM symposium on applied computing, pp 361–365
Panda B, Haque K (2002) Extended data dependency approach: a robust way of rebuilding database. In: Proceedings of the 2002 ACM symposium on applied computing, pp 445–452
Panda B, Ragothaman P (2003) Analyzing transaction logs for effective damage assessment. In: Gudes E, Shenoi S (eds) Research directions in data and applications security, vol 128. Springer, Cambridge, pp 121–134
Panda B, Zhou J (2003) Database damage assessment using a matrix based approach: an intrusion response system. In: Proceedings of 7th international database engineering and applications symposium, pp 336–341
Panda B, Zuo Y (2004) Damage discovery in distributed database systems. In: Farkas C, Samarati P (eds) Research directions in data and applications security XVIII, vol 144. Springer, Berlin, pp 111–123
Panda B, Zuo Y (2004) Fuzzy dependency and its applications in damage assessment and recovery. In: Proceedings of the 2004 IEEE Workshop on Information Assurance, pp 350–357
Qin X, Sun J, Zheng J (2007) Data dependency based recovery approaches in survival database systems. In: Shi Y, Van Albada G, Dongarra J, Sloot P (eds) Computational Science—ICCS 2007, vol 4488. Springer, Berlin, pp 1131–1138
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Haraty, R.A., Sai, M.E. Information warfare: a lightweight matrix-based approach for database recovery. Knowl Inf Syst 50, 287–313 (2017). https://doi.org/10.1007/s10115-016-0940-1
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10115-016-0940-1