Optimism and consistency in partitioned distributed database systems
ACM Transactions on Database Systems (TODS)
Concurrency control and recovery in database systems
Concurrency control and recovery in database systems
A formal approach to recovery by compensating transactions
Proceedings of the sixteenth international conference on Very large databases
A survey of intrusion detection techniques
Computers and Security
Rewriting Histories: Recovering from Malicious Transactions
Distributed and Parallel Databases - Security of data and transaction processing
DEMIDS: a misuse detection system for database systems
Integrity and internal control information systems
Intrusion confinement by isolation in information systems
Journal of Computer Security - Special issue on database security
Benchmark Handbook: For Database and Transaction Processing Systems
Benchmark Handbook: For Database and Transaction Processing Systems
Recovery from Malicious Transactions
IEEE Transactions on Knowledge and Data Engineering
Architectures for Intrusion Tolerant Database Systems
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Towards a model of storage jamming
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
Towards Fault-tolerant Software Architectures
WICSA '01 Proceedings of the Working IEEE/IFIP Conference on Software Architecture
DAIS: A Real-Time Data Attack Isolation System for Commercial Database Applications
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Multi-Phase Damage Confinement in Database Systems for Intrusion Tolerance
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
USTAT: A Real-Time Intrusion Detection System for UNIX
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Surviving information warfare attacks on databases
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
A Fast Automaton-Based Method for Detecting Anomalous Program Behaviors
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
How to build a trusted database system on untrusted storage
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
Learning trees and rules with set-valued features
AAAI'96 Proceedings of the thirteenth national conference on Artificial intelligence - Volume 1
International Journal of Information and Computer Security
Data Dependency Based Recovery Approaches in Survival Database Systems
ICCS '07 Proceedings of the 7th international conference on Computational Science, Part II
Optimizing security measures in an intrusion tolerant database system
ISAS'08 Proceedings of the 5th international conference on Service availability
Damage assessment and repair in attack resilient distributed database systems
Computer Standards & Interfaces
Availability analysis of an IMS-based VoIP network system
ICCSA'10 Proceedings of the 2010 international conference on Computational Science and Its Applications - Volume Part IV
Modeling and evaluating the survivability of an intrusion tolerant database system
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Hi-index | 0.00 |
In this paper, we present the design and implementation of ITDB, a self-healing or intrusion-tolerant database prototype system. While traditional secure database systems rely on preventive controls and are very limited in surviving malicious attacks, ITDB can detect intrusions, isolate attacks, contain, assess, and repair the damage caused by intrusions in a timely manner such that sustained, self-stabilized levels of data integrity and availability can be provided to applications in the face of attacks. ITDB is implemented on top of a COTS DBMS. We have evaluated the cost effectiveness of ITDB using several micro-benchmarks. Preliminary testing measurements suggest that when the accuracy of intrusion detection is satisfactory, ITDB can effectively locate and repair the damage on-the fly with reasonable (database) performance penalty.