Information systems research at George Mason University
ACM SIGMOD Record
Communications of the ACM
Prolepsis on the problem of Trojan-horse based integrity attacks (position paper)
Proceedings of the 1998 workshop on New security paradigms
An overview of post information warfare data recovery
SAC '98 Proceedings of the 1998 ACM symposium on Applied Computing
Rewriting Histories: Recovering from Malicious Transactions
Distributed and Parallel Databases - Security of data and transaction processing
Data dependency based logging for defensive information warfare
SAC '00 Proceedings of the 2000 ACM symposium on Applied computing - Volume 1
Extended data dependency approach: a robust way of rebuilding database
Proceedings of the 2002 ACM symposium on Applied computing
IEEE Parallel & Distributed Technology: Systems & Technology
Recovery from Malicious Transactions
IEEE Transactions on Knowledge and Data Engineering
Reorganization of the database log for information warfare data recovery
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Multi-Phase Damage Confinement in Database Systems for Intrusion Tolerance
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Hybrid log segmentation for assured damage assessment
Proceedings of the 2003 ACM symposium on Applied computing
Modeling insecurity: policy engineering for survivability
Proceedings of the 2003 ACM workshop on Survivable and self-regenerative systems: in association with 10th ACM Conference on Computer and Communications Security
Toward a threat model for storage systems
Proceedings of the 2005 ACM workshop on Storage security and survivability
The design and implementation of a self-healing database system
Journal of Intelligent Information Systems - Special issue: Database and applications security
Data Dependency Based Recovery Approaches in Survival Database Systems
ICCS '07 Proceedings of the 7th international conference on Computational Science, Part II
The implementation and evaluation of a recovery system for workflows
Journal of Network and Computer Applications
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
A data damage tracking quarantine and recovery (DTQR) scheme for mission-critical database systems
Proceedings of the 12th International Conference on Extending Database Technology: Advances in Database Technology
Dynamic damage recovery for web databases
Journal of Computer Science and Technology
Succinct and fast accessible data structures for database damage assessment
ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
D_DIPS: an intrusion prevention system for database security
ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
| Hi-index | 0.02 |
Abstract: We consider the problem of surviving information warfare attacks on databases. We adopt a fault tolerance approach to the different phases of an attack. To maintain precise information about the attack, we mark data to reflect the severity of detected damage as well as the degree to which the damaged data has been repaired. In the case of partially repaired data, integrity constraints might be violated, but data is nonetheless available to support mission objectives. We define a notion of consistency suitable for databases in which some information is known to be damaged, and other information is known to be only partially repaired. We present a protocol for normal transactions with respect to the damage markings and show that consistency preserving normal transactions maintain database consistency in the presence of damage. We present an algorithm for taking consistent snapshots of databases under attack. The snapshot algorithm has the virtue of not interfering with countermeasure transactions.