Databases can heal themselves on-the-fly
An innovative new software can detect and correct a database impaired by an attack while the database system continues to process transactions, says a Penn State researcher.
“We simulated attackers behaviors on a database and then monitored the response of the database,” said Dr. Peng Liu, assistant professor of information sciences and technology. “We cant prevent attackers from getting in, but with this technology, the database can heal itself on-the-fly.”
Liu performed the research underlying the technology while a faculty member at the University of Maryland – Baltimore County. He has since established his research team, the Cyber Security Group, in Penn States School of Information Sciences and Technology. The teams areas of expertise include network security, intrusion detection and masking, survivable systems and attack prediction.
All databases are vulnerable to being breached by unauthorized users, former employees or hackers looking for a challenge. With more databases than ever, experts expect the number of database attacks to continue to rise. That leaves at risk such data-intensive applications as e-commerce, air traffic control, command-and-control, and credit card billing systems.
Although many intrusions can be detected soon after the database is breached, the damage usually doesnt stop with the initial transaction. Subsequent transactions and data updating can spread the damage.
Existing recovery software creates its own problems. Rolling back activity to the initial damage is expensive because the work of many unaffected transactions by good users will be lost, Liu said. Second, for commercial databases, suspending the database to clean up the damage is undesirable, and in many cases, unacceptable. International banks, for instance, need 24-7 access to account data.
The family of algorithms developed by Liu and others can detect single, multiple or simultaneous attacks. But it does more. It isolates malicious transactions, so that many benign ones are preserved from being affected and having to be re-executed. It also repairs the database by containing the set of corrupted data objects and then, by undoing or unwinding the direct and indirect effects of the attack.
The technology has another advantage: The software can be adapted for static and on-the-fly repairs. Because its dynamic, new transactions can continue even while the database is being repaired. Furthermore, the new technology is intelligent and adaptive.
“The database can adapt its own behavior and reconfigure itself based on the attack,” Liu said.
A prototype of this attack-resilient software is being tested by the Cyber Security Group and the U.S. Air Force.
Lius research was funded by the Air Force and the Defense Advanced Research Projects Agency. Subsequent grants have come from the National Science Foundation, the Air Force, DARPA and the U.S. Department of Energy.
The Penn State researcher and his co-authors, Paul Ammann and Sushil Jajodia, both of George Mason University, published their findings in the paper, “Recovery From Malicious Transactions,” in the September issue of IEEE Transactions on Knowledge and Data Engineering.
Alle Nachrichten aus der Kategorie: Information Technology
Here you can find a summary of innovations in the fields of information and data processing and up-to-date developments on IT equipment and hardware.
This area covers topics such as IT services, IT architectures, IT management and telecommunications.
Electronic skin has a strong future stretching ahead
A material that mimics human skin in strength, stretchability and sensitivity could be used to collect biological data in real time. Electronic skin, or e-skin, may play an important role…
Fast-moving gas flowing away from young star caused by icy comet vaporisation
A unique stage of planetary system evolution has been imaged by astronomers, showing fast-moving carbon monoxide gas flowing away from a star system over 400 light years away, a discovery…