Transaction fusion: a model for data recovery from information attacks
Journal of Intelligent Information Systems - Special issue: Database and applications security
Improving the cyber incident mission impact assessment (CIMIA) process
Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead
A hybrid model for worm simulations in a large network
PAISI'07 Proceedings of the 2007 Pacific Asia conference on Intelligence and security informatics
A time-variant risk analysis and damage estimation for large-scale network systems
ICCSA'05 Proceedings of the 2005 international conference on Computational Science and Its Applications - Volume Part II
Hybrid modeling for large-scale worm propagation simulations
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Recovering from malicious attacks in workflow systems
DEXA'05 Proceedings of the 16th international conference on Database and Expert Systems Applications
Succinct and fast accessible data structures for database damage assessment
ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
Hi-index | 0.00 |
Accurate recovery from a cyber attack depends on fast and perfect damage assessment. For damage assessment, traditional recovery methods require that the log of an affected database must be scanned starting from the attacking transaction until the end. This is a time-consuming task. Our objective in this research is to provide techniques that can be used to accelerate the damage appraisal process and produce a correct result. We have presented a damage assessment model and four data structures associated with the model. Each of these structures uses dependency relationships among transactions, which update the database. These relationships are later used to determine exactly which transactions and exactly which data items are affected by the attacker. A performance comparison analysis obtained using simulation is provided to demonstrate the benefit of our model