The design and implementation of a self-healing database system
Journal of Intelligent Information Systems - Special issue: Database and applications security
Online detection of malicious data access using DBMS auditing
Proceedings of the 2008 ACM symposium on Applied computing
The implementation and evaluation of a recovery system for workflows
Journal of Network and Computer Applications
One approach to the testing of security of proposed database application software
Proceedings of the 15th WSEAS international conference on Computers
An immunity-based intrusion detection solution for database systems
WAIM'05 Proceedings of the 6th international conference on Advances in Web-Age Information Management
A dead-lock free self-healing algorithm for distributed transactional processes
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Integrated intrusion detection in databases
LADC'07 Proceedings of the Third Latin-American conference on Dependable Computing
Hi-index | 0.00 |
Traditional database security mechanisms are very limitedin defending successful data attacks. Authorized butmalicious transactions can make a database useless by impairingits integrity and availability. This paper presents thedesign of a real-time data attack isolation system, denotedDAIS. DAIS isolates likely suspicious actions before a definitedetermination of intrusion is reported. In this way, thedatabase can be immunized from many malicious transactions.DAIS is a COTS-DBMS-specific implementation of ageneral isolation algorithm that we developed in [19]. Inthis paper, the design of the first DAIS prototype, which isfor Oracle Server 8.1.6, is discussed. DAIS uses triggersand transaction profiles to keep track of the items read andwritten by transactions, isolates attacks by rewriting userSQL statements, and is transparent to end users. The DAISdesign is very general. In addition to Oracle, it can be easilyadapted to support many other database application platformssuch as Microsoft SQL Server, Sybase, and Informix.