论文信息 - Post-Intrusion Recovery Using Data Dependency Approach

Post-Intrusion Recovery Using Data Dependency Approach

Recovery of lost or damaged data in a post-intrusion detection scenario is a difficult task since database management systems are not designed to deal with malicious committed transactions. Few existing methods developed for this purpose heavily rely on logs and require that the log must not be purged. This causes the log grow tremendously and, since scanning the huge log takes enormous amount of time, recovery becomes a complex and prolonged process. In this research, we have used data dependency approach to divide a log into multiple segments, each segment containing only related operations. During damage assessment and recovery, we identify and skip parts of logs that contain unaffected operations. This accelerates the task. Through simulation we have validated performance of our method.

Brajendra Panda | Sani Tripathy | B. Panda | S. Tripathy

[1] Ramez Elmasri,et al. Fundamentals of Database Systems , 1989 .

[2] Brajendra Panda,et al. An overview of post information warfare data recovery , 1998, SAC '98.

[3] Leonard J LaPadula. State of the Art in Anomaly Detection and Reaction: An Update , 1999 .

[4] Navdeep Singh,et al. A Survey of Intrusion Detection Techniques , 2013 .

[5] Sushil Jajodia,et al. Rewriting Histories: Recovering from Malicious Transactions , 2004, Distributed and Parallel Databases.

[6] Sushil Jajodia,et al. Surviving information warfare attacks on databases , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[7] Sushil Jajodia,et al. Trusted recovery , 1999, CACM.

[8] Todd L. Heberlein,et al. Network intrusion detection , 1994, IEEE Network.

[9] Brajendra Panda,et al. Reconstructing the Database after Electronic Attacks , 1998, DBSec.

[10] Andreas Reuter,et al. Transaction Processing: Concepts and Techniques , 1992 .