Traditional database security mechanisms are very limited in defending against data attacks. Authorized but malicious transactions can make a database useless by impairing its integrity and availability. This paper presents the design of a real-time data attack isolation system, denoted DAIS. DAIS isolates likely suspicious actions before a definite determination of intrusion is reported. In this way, the database can be immunized from many malicious transactions. DAIS is a COTS-DBMS-specific implementation of a general isolation algorithm that we developed [Liu P, Jajodia S, McCollum CD. Intrusion confinement by isolation in information systems. Journal of Computer Security, 2000;8(4):243-79]. In this paper, the design of the first DAIS prototype, which is for Oracle Server 9.2, is discussed. DAIS uses triggers and transaction profiles to keep track of the items read and written by transactions, isolates attacks by rewriting user SQL statements, and is transparent to end users. The DAIS design is very general. In addition to Oracle, it can be easily adapted to support many other database application platforms such as Microsoft SQL Server, Sybase, and Informix.
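The isolation idea in the abstract, as an added example that is not DAIS code or the paper's design: a suspicious session's `UPDATE` is rewritten to land in a shadow table, a trigger records the items it wrote, and the shadow is later merged or discarded. It assumes SQLite through Python instead of Oracle Server 9.2; the names `accounts_iso`, `accounts_v`, `write_log` and all functions are hypothetical, and read tracking through transaction profiles is not shown.

```python
import re
import sqlite3

# Constructed sample schema; accounts_v overlays isolated rows on trusted ones.
SCHEMA = """
CREATE TABLE accounts (id INTEGER PRIMARY KEY, balance INTEGER);
INSERT INTO accounts VALUES (1, 100), (2, 200);
CREATE TABLE accounts_iso (id INTEGER PRIMARY KEY, balance INTEGER);
CREATE TABLE write_log (item INTEGER);
CREATE VIEW accounts_v AS
  SELECT * FROM accounts_iso UNION ALL
  SELECT * FROM accounts WHERE id NOT IN (SELECT id FROM accounts_iso);
CREATE TRIGGER track_writes AFTER UPDATE ON accounts_iso
  BEGIN INSERT INTO write_log VALUES (NEW.id); END;
"""
UPDATE_RE = re.compile(
    r"^\s*UPDATE\s+accounts\s+SET\s+(.+?)\s+WHERE\s+(.+?)\s*;?\s*$", re.I | re.S)

def new_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def rewrite(sql, suspicious):
    """Toy rewriter (regex, one table): trusted SQL passes through unchanged."""
    if not suspicious:
        return [sql]
    m = UPDATE_RE.match(sql)
    if m:  # copy-on-write into the shadow table, then update only the copy
        set_clause, cond = m.groups()
        return [f"INSERT OR IGNORE INTO accounts_iso SELECT * FROM accounts_v WHERE {cond}",
                f"UPDATE accounts_iso SET {set_clause} WHERE {cond}"]
    return [re.sub(r"\baccounts\b", "accounts_v", sql)]  # reads see own writes

def run(db, sql, suspicious=False):
    rows = []
    for stmt in rewrite(sql, suspicious):
        rows = db.execute(stmt).fetchall()
    return rows

def resolve(db, malicious):
    """Once the detector decides: merge benign work, discard malicious work."""
    if not malicious:
        db.execute("INSERT OR REPLACE INTO accounts SELECT * FROM accounts_iso")
    db.execute("DELETE FROM accounts_iso")

def demo():
    db = new_db()
    run(db, "UPDATE accounts SET balance = 0 WHERE id = 1", suspicious=True)
    suspect_view = run(db, "SELECT balance FROM accounts WHERE id = 1", suspicious=True)
    trusted_view = run(db, "SELECT balance FROM accounts WHERE id = 1")
    write_set = run(db, "SELECT item FROM write_log")
    resolve(db, malicious=True)
    return suspect_view, trusted_view, write_set, run(db, "SELECT * FROM accounts ORDER BY id")
```

The suspicious session keeps seeing its own update, which keeps the isolation transparent to that user, while trusted sessions never read the isolated value.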