A methodology for workload characterization of E-commerce sites
Proceedings of the 1st ACM conference on Electronic commerce
AMVA techniques for high service time variability
Proceedings of the 2000 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
DEMIDS: a misuse detection system for database systems
Integrity and internal control information systems
Recovery from Malicious Transactions
IEEE Transactions on Knowledge and Data Engineering
The Vision of Autonomic Computing
Computer
Security as a Dimension of Quality of Service in Active Service Environments
AMS '01 Proceedings of the Third Annual International Workshop on Active Middleware Services
An Architectural Evaluation of Java TPC-W
HPCA '01 Proceedings of the 7th International Symposium on High-Performance Computer Architecture
Performance by Design: Computer Capacity Planning By Example
Performance by Design: Computer Capacity Planning By Example
Online Control for Self-Management in Computing Systems
RTAS '04 Proceedings of the 10th IEEE Real-Time and Embedded Technology and Applications Symposium
Utility Functions in Autonomic Systems
ICAC '04 Proceedings of the First International Conference on Autonomic Computing
Resource Allocation for Autonomic Data Centers using Analytic Performance Models
ICAC '05 Proceedings of the Second International Conference on Automatic Computing
Intrusion Detection in RBAC-administered Databases
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Workload Class Importance Policy in Autonomic Database Management Systems
POLICY '06 Proceedings of the Seventh IEEE International Workshop on Policies for Distributed Systems and Networks
Resource Selection for Autonomic Database Tuning
ICDEW '05 Proceedings of the 21st International Conference on Data Engineering Workshops
DIWeDa - Detecting Intrusions in Web Databases
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Generating Probabilistic and Intensity-Varying Workload for Web-Based Software Systems
SIPEW '08 Proceedings of the SPEC international workshop on Performance Evaluation: Metrics, Models and Benchmarks
Performance adaptation in real-time intrusion detection systems
RAID'02 Proceedings of the 5th international conference on Recent advances in intrusion detection
HengHa: data harvesting detection on hidden databases
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
M-score: estimating the potential damage of data leakage incident by assigning misuseability weight
Proceedings of the 2010 ACM workshop on Insider threats
A data-centric approach to insider attack detection in database systems
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Weighted intra-transactional rule mining for database intrusion detection
PAKDD'06 Proceedings of the 10th Pacific-Asia conference on Advances in Knowledge Discovery and Data Mining
Autonomic computing: an overview
UPP'04 Proceedings of the 2004 international conference on Unconventional Programming Paradigms
Quality-of-protection (QoP)-an online monitoring and self-protection mechanism
IEEE Journal on Selected Areas in Communications
An Autonomic Framework for Integrating Security and Quality of Service Support in Databases
SERE '12 Proceedings of the 2012 IEEE Sixth International Conference on Software Security and Reliability
Dealing with Burstiness in Multi-Tier Applications: Models and Their Parameterization
IEEE Transactions on Software Engineering
| Hi-index | 0.00 |
The ubiquity of database systems and the emergence of new and different threats require multiple and overlapping security mechanisms. Providing multiple and diverse database intrusion detection and prevention systems (IDPS) is a critical component of the defense-in-depth strategy for DB information systems. However, providing this level of security can greatly impact a system's QoS requirements. It would then be advantageous to use the combination of IDPSs that best meets the security and QoS concerns of the system stakeholders for each workload intensity level. Due to the dynamic variability of the workload intensity, it is not feasible for human beings to continuously reconfigure the system. We offer an autonomic computing approach for a self-protecting and self-optimizing database system environment that captures dynamic and fine-grained tradeoffs between security and QoS. The approach uses a multi-objective utility function that considers security overhead, perceived risk level, and high level stakeholder objectives. We describe the implementation of an autonomic controller that uses combinatorial search techniques and queuing network models to dynamically search for a near-optimal security configuration. We validate our approach experimentally on a TPC-W e-commerce site and show that our approach balances QoS and security goals.