Skip to main content
SpringerLink
Log in

Using Checksums to Detect Data Corruption

  • Conference paper
  • First Online:
Advances in Database Technology — EDBT 2000 (EDBT 2000)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1777))

Included in the following conference series:

Abstract

In this paper, we consider the problem of malicious and intended corruption of data in a database, acting outside of the scope of the database management system. Although detecting an attacker who changes a set of database values at the disk level is a simple task (achievable by attaching signatures to each block of data), a more sophisticated attacker may corrupt the data by replacing the current data with copies of old block images, compromising the integrity of the data. To prevent successful completion of this attack, we provide a defense mechanism that enormously increases the intruders workload, yet maintains a low system cost during an authorized update. Our algorithm calculates and maintains two levels of signatures (checksum values) on blocks of data. The signatures are grouped in a manner that forces an extended series of block copying for any unauthorized update. Using the available information on block sizes, block reference patterns and amount of concurrently active transactions in the database, we calculate the length of this chain of copying, proving that the intruder has to perform a lot of work in order to go undetected. Therefore, our technique makes this type of attack very unlikely. Previous work has not addressed protection methods against this knowledgeable and equipped intruder who is operating outside the database management system.

This work has been supported by Rome Laboratories grant F30602-98-C-0264.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Barbará, D., Lipton, R.J.: A Class of Randomized Strategies for Low-Cost Comparison of File Copies. IEEE Transactions on Parallel and Distributed Systems, 2:2 April 1991.

    Google Scholar 

  2. Bohannon, P., Rastogi R., Seshadri S., Silberschatz A., Sudarshan S.: Using Code-words to Protect Database Data from a Class of Software Errors. Proceedings of the International Conference on Data Engineering, 1999.

    Google Scholar 

  3. Chawathe, S., Rajaraman, A., Garcia-Molina, H., Widom, J.: Change Detection in Hierarchically Structured Information. Proceedings of the International ACM-SIGMOD Conference on Management of Data. (1995).

    Google Scholar 

  4. Choi, J., Noh S., Min, S.L., Cho, Y.: An Adaptive Block Management Scheme Using On-Line Detection of Block Reference Patterns. Proceedings of the Int’l Workshop on Multimedia Database Management Systems, 1998.

    Google Scholar 

  5. Durst, R., Champion, T, Witten, B., Miller E., Spagnuolo L.: Testing and Evaluating Computer Intrusion Detection Systems. Communications of the ACM, July 1999, 53–61.

    Google Scholar 

  6. Kim, G., Spafford, E.H.: The Design and Implementation of Tripwire: A File System Integrity Checker. Proceedings of the 2nd ACM Conference on Computer and Communications Security. (1994).

    Google Scholar 

  7. McDermott, J., Goldschlag, D.: Storage Jamming. Database Security IX: Status and Prospects, Chapman & Hall, London (1996) 365–381.

    Google Scholar 

  8. McDermott, J., Goldschlag, D.: Towards a Model of Storage Jamming. Proceedings of the IEEE Computer Security Foundations Workshop, June 1996, 176–185.

    Google Scholar 

  9. Merkle, R. C.: A Fast Software One-way Hash Function. Journal of Cryptology, 3(1): 43–58 (1990).

    Article  MATH  MathSciNet  Google Scholar 

  10. Salem, K., Barbará, D., Lipton, R.J.: Probabilistic Diagnosis of Hot Spots. Proceedings of the Eight International Conference on Data Engineering, 1992.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Center for Secure Information Systems, George Mason University, Fairfax, VA, 22030

    Daniel Barbará, Rajni Goel & Sushil Jajodia

Authors
  1. Daniel Barbará
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Rajni Goel
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sushil Jajodia
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, University of California, Los Angeles, CA, 90095, USA

    Carlo Zaniolo

  2. Computer Science Department, University of Karlsruhe, P.O. Box 6980, 76128, Karlsruhe, Germany

    Peter C. Lockemann

  3. University of Konstanz, P.O. Box D188, 78457, Konstanz, Germany

    Marc H. Scholl  & Torsten Grust  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2000 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Barbará, D., Goel, R., Jajodia, S. (2000). Using Checksums to Detect Data Corruption. In: Zaniolo, C., Lockemann, P.C., Scholl, M.H., Grust, T. (eds) Advances in Database Technology — EDBT 2000. EDBT 2000. Lecture Notes in Computer Science, vol 1777. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46439-5_9

Download citation

  • DOI: https://doi.org/10.1007/3-540-46439-5_9

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-67227-2

  • Online ISBN: 978-3-540-46439-6

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation