Abstract
As Web services gain popularity in today’s E-Business world, surviving DBMSs from an attack is becoming crucial because of the increasingly critical role that database servers are playing. Although a number of research projects have been done to tackle the emerging data corruption threats, existing mechanisms are still limited in meeting four highly desired requirements: near-zero-run-time overhead, zero-system-down time, zero-blocking-time for read-only transactions, minimal-delay-time for read-write transactions. In this paper, we propose TRACE, a zero-system-down-time database damage tracking, quarantine, and recovery solution with negligible run time overhead. TRACE consists of a family of new database damage tracking, quarantine, and cleansing techniques. We built TRACE into the kernel of PostgreSQL. Our experimental results demonstrated that TRACE is the first solution that can simultaneously satisfy the first two requirements aforementioned and the first solution that can satisfy all the four requirements.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Ammann, P., Jajodia, S., Liu, P.: Recovery from malicious transactions. IEEE Transaction on Knowledge and Data Engineering 14(5), 1167–1185 (2002)
Ammann, P., Jajodia, S., McCollum, C., Blaustein, B.: Surviving information warfare attacks on databases. In: The IEEE Symposium on Security and Privacy, Oakland, CA, May 1997, pp. 164–174 (1997)
Bai, K., Liu, P.: Towards database firewall: Mining the damage spreading patterns. In: 22nd Annual Computer Security Applications Conference (ACSAC 2006), pp. 449–462 (2006)
Barbara, D., Goel, R., Jajodia, S.: Using checksums to detect data corruption. In: Int’l Conf. on Extending Data Base Technology (March 2000)
Bernstein, P.A., Hadzilacos, V., Goodman, N.: Concurrency control and recovery in database systems. Addison-Wesley Publishing Company, Reading (1987)
CERT. Cert advisory ca-2003-04 ms-sql server worm (January 25, 2003), http://www.cert.org/advisories/CA-2003-04.html
Chen, Q., Dayal, U.: Failure handling for transaction hierarchies. In: Gray, A., Larson, P.-Å. (eds.) Proceedings of the Thirteenth International Conference on Data Engineering, Birmingham, U.K, April 7-11, 1997, pp. 245–254. IEEE Computer Society, Los Alamitos (1997)
Chiueh, T., Pilania, D.: Design, implementation, and evaluation of an intrusion resilient database system. In: Proc. International Conference on Data Engineering, April 2005, pp. 1024–1035 (2005)
Eder, J., Liebhart, W.: Workflow recovery. In: Conference on Cooperative Information Systems, pp. 124–134 (1996)
TPC-C Benchmark, http://www.tpc.org/tpcc/
Lake, C.: Journal based recovery tool for ingres
Lin, J.-L., Dunham, M.H.: A survey of distributed database checkpointing. Distributed and Parallel Databases 5(3), 289–319 (1997)
Liu, P.: Architectures for intrusion tolerant database systems. In: The 18th Annual Computer Security Applications Conference, December 9-13, 2002, pp. 311–320 (2002)
Liu, P., Ammann, P., Jajodia, S.: Rewriting histories: Recovery from malicious transactions. Distributed and Parallel Databases 8(1), 7–40 (2000)
Lomet, D., Vagena, Z., Barga, R.: Recovery from ”bad” user transactions. In: SIGMOD 2006: Proceedings of the 2006 ACM SIGMOD international conference on Management of data, pp. 337–346. ACM Press, New York (2006)
McDermott, J., Goldschlag, D.: Towards a model of storage jamming. In: The IEEE Computer Security Foundations Workshop, Kenmare, Ireland, June 1996, pp. 176–185 (1996)
Mohan, C., Haderle, D., Lindsay, B., Pirahesh, H., Schwarz, P.: Aries: a transaction recovery method supporting fine-granularity locking and partial rollbacks using write-ahead logging. ACM Trans. Database Syst. 17(1), 94–162 (1992)
ORACLE. Oracle database advanced application developer’s guide (2007)
OWASP. Owasp top ten most critical web application security vulnerabilities (January 27, 2004), http://www.owasp.org/documentation/topten.html
Panda, B., Giordano, J.: Reconstructing the database after electronic attacks. In: The 12th IFIP 11.3 Working Conference on Database Security, Greece, Italy (July 1998)
Postgresql, http://www.postgresql.org/
Sobhan, R., Panda, B.: Reorganization of the database log for information warfare data recovery. In: Proceedings of the fifteenth annual working conference on Database and application security, Niagara, Ontario, Canada, July 15-18, 2001, pp. 121–134 (2001)
Tang, J., Hwang, S.-Y.: A scheme to specify and implement ad-hoc recovery in workflow systems. In: Schek, H.-J., Saltor, F., Ramos, I., Alonso, G. (eds.) EDBT 1998. LNCS, vol. 1377, pp. 484–498. Springer, Heidelberg (1998)
Yao, Q., An, A., Huang, X.: Finding and analyzing database user sessions. In: Zhou, L.-z., Ooi, B.-C., Meng, X. (eds.) DASFAA 2005. LNCS, vol. 3453, pp. 851–862. Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bai, K., Yu, M., Liu, P. (2008). TRACE: Zero-Down-Time Database Damage Tracking, Quarantine, and Cleansing with Negligible Run-Time Overhead. In: Jajodia, S., Lopez, J. (eds) Computer Security - ESORICS 2008. ESORICS 2008. Lecture Notes in Computer Science, vol 5283. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-88313-5_11
Download citation
DOI: https://doi.org/10.1007/978-3-540-88313-5_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-88312-8
Online ISBN: 978-3-540-88313-5
eBook Packages: Computer ScienceComputer Science (R0)