Using Checksums to Detect Data Corruption
In this paper, we consider the problem of malicious and intended corruption of data in a database, acting outside of the scope of the database management system. Although detecting an attacker who changes a set of database values at the disk level is a simple task (achievable by attaching signatures to each block of data), a more sophisticated attacker may corrupt the data by replacing the current data with copies of old block images, compromising the integrity of the data. To prevent successful completion of this attack, we provide a defense mechanism that enormously increases the intruders workload, yet maintains a low system cost during an authorized update. Our algorithm calculates and maintains two levels of signatures (checksum values) on blocks of data. The signatures are grouped in a manner that forces an extended series of block copying for any unauthorized update. Using the available information on block sizes, block reference patterns and amount of concurrently active transactions in the database, we calculate the length of this chain of copying, proving that the intruder has to perform a lot of work in order to go undetected. Therefore, our technique makes this type of attack very unlikely. Previous work has not addressed protection methods against this knowledgeable and equipped intruder who is operating outside the database management system.
Unable to display preview. Download preview PDF.
- 1.Barbará, D., Lipton, R.J.: A Class of Randomized Strategies for Low-Cost Comparison of File Copies. IEEE Transactions on Parallel and Distributed Systems, 2:2 April 1991.Google Scholar
- 2.Bohannon, P., Rastogi R., Seshadri S., Silberschatz A., Sudarshan S.: Using Code-words to Protect Database Data from a Class of Software Errors. Proceedings of the International Conference on Data Engineering, 1999.Google Scholar
- 3.Chawathe, S., Rajaraman, A., Garcia-Molina, H., Widom, J.: Change Detection in Hierarchically Structured Information. Proceedings of the International ACM-SIGMOD Conference on Management of Data. (1995).Google Scholar
- 4.Choi, J., Noh S., Min, S.L., Cho, Y.: An Adaptive Block Management Scheme Using On-Line Detection of Block Reference Patterns. Proceedings of the Int’l Workshop on Multimedia Database Management Systems, 1998.Google Scholar
- 5.Durst, R., Champion, T, Witten, B., Miller E., Spagnuolo L.: Testing and Evaluating Computer Intrusion Detection Systems. Communications of the ACM, July 1999, 53–61.Google Scholar
- 6.Kim, G., Spafford, E.H.: The Design and Implementation of Tripwire: A File System Integrity Checker. Proceedings of the 2nd ACM Conference on Computer and Communications Security. (1994).Google Scholar
- 7.McDermott, J., Goldschlag, D.: Storage Jamming. Database Security IX: Status and Prospects, Chapman & Hall, London (1996) 365–381.Google Scholar
- 8.McDermott, J., Goldschlag, D.: Towards a Model of Storage Jamming. Proceedings of the IEEE Computer Security Foundations Workshop, June 1996, 176–185.Google Scholar
- 10.Salem, K., Barbará, D., Lipton, R.J.: Probabilistic Diagnosis of Hot Spots. Proceedings of the Eight International Conference on Data Engineering, 1992.Google Scholar