Evaluating the survivability of Intrusion Tolerant Database systems and the impact of intrusion detection deficiencies

Authors:
Hai Wang;Peng Liu;Lunquan Li
Affiliations:
College of Information Sciences and Technology, Pennsylvania State University, University Park, PA 16802, USA.;College of Information Sciences and Technology, Pennsylvania State University, University Park, PA 16802, USA.;College of Information Sciences and Technology, Pennsylvania State University, University Park, PA 16802, USA
Venue:
International Journal of Information and Computer Security
Year:
2007

Citing 13
Cited 0

A survey of intrusion detection techniques

Computers and Security
Testing and evaluating computer intrusion detection systems

Communications of the ACM
Survivable Information Storage Systems

Computer
Recovery from Malicious Transactions

IEEE Transactions on Knowledge and Data Engineering
Architectures for Intrusion Tolerant Database Systems

ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
ODAR: an on-the-fly damage assessment and repair system for commercial database applications

Das'01 Proceedings of the fifteenth annual working conference on Database and application security
A Portable Implementation Framework for Intrusion-Resilient Database Management Systems

DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
Model-Based Evaluation: From Dependability to Security

IEEE Transactions on Dependable and Secure Computing
Testing network-based intrusion detection signatures using mutant exploits

Proceedings of the 11th ACM conference on Computer and communications security
Model-Based Validation of an Intrusion-Tolerant Information System

SRDS '04 Proceedings of the 23rd IEEE International Symposium on Reliable Distributed Systems
Backtracking intrusions

ACM Transactions on Computer Systems (TOCS)
Forensix: A Robust, High-Performance Reconstruction System

ICDCSW '05 Proceedings of the Second International Workshop on Security in Distributed Computing Systems (SDCS) (ICDCSW'05) - Volume 02
The design and implementation of a self-healing database system

Journal of Intelligent Information Systems - Special issue: Database and applications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

The immaturity of current intrusion detection techniques limits traditional security mechanisms in surviving malicious attacks. Intrusion tolerance approaches have emerged to overcome these limitations. However, to what extent an intrusion tolerant system can mitigate detection deficiencies is still unknown. In this paper, we focus on quantifying the capability of a resilient database system surviving intrusions. An Intrusion Tolerant DataBase system (ITDB) is studied as an example. Our experimental results indicate that ITDB can maintain the desired level of data integrity and availability without being seriously affected by various intrusion detection deficiencies. The impact of intrusion tolerance operations on performance is also evaluated.