Databases can heal themselves on-the-fly
An innovative new software can detect and correct a database impaired by an attack while the database system continues to process transactions, says a Penn State researcher.
“We simulated attackers behaviors on a database and then monitored the response of the database,” said Dr. Peng Liu, assistant professor of information sciences and technology. “We cant prevent attackers from getting in, but with this technology, the database can heal itself on-the-fly.”
Liu performed the research underlying the technology while a faculty member at the University of Maryland – Baltimore County. He has since established his research team, the Cyber Security Group, in Penn States School of Information Sciences and Technology. The teams areas of expertise include network security, intrusion detection and masking, survivable systems and attack prediction.
All databases are vulnerable to being breached by unauthorized users, former employees or hackers looking for a challenge. With more databases than ever, experts expect the number of database attacks to continue to rise. That leaves at risk such data-intensive applications as e-commerce, air traffic control, command-and-control, and credit card billing systems.
Although many intrusions can be detected soon after the database is breached, the damage usually doesnt stop with the initial transaction. Subsequent transactions and data updating can spread the damage.
Existing recovery software creates its own problems. Rolling back activity to the initial damage is expensive because the work of many unaffected transactions by good users will be lost, Liu said. Second, for commercial databases, suspending the database to clean up the damage is undesirable, and in many cases, unacceptable. International banks, for instance, need 24-7 access to account data.
The family of algorithms developed by Liu and others can detect single, multiple or simultaneous attacks. But it does more. It isolates malicious transactions, so that many benign ones are preserved from being affected and having to be re-executed. It also repairs the database by containing the set of corrupted data objects and then, by undoing or unwinding the direct and indirect effects of the attack.
The technology has another advantage: The software can be adapted for static and on-the-fly repairs. Because its dynamic, new transactions can continue even while the database is being repaired. Furthermore, the new technology is intelligent and adaptive.
“The database can adapt its own behavior and reconfigure itself based on the attack,” Liu said.
A prototype of this attack-resilient software is being tested by the Cyber Security Group and the U.S. Air Force.
Lius research was funded by the Air Force and the Defense Advanced Research Projects Agency. Subsequent grants have come from the National Science Foundation, the Air Force, DARPA and the U.S. Department of Energy.
The Penn State researcher and his co-authors, Paul Ammann and Sushil Jajodia, both of George Mason University, published their findings in the paper, “Recovery From Malicious Transactions,” in the September issue of IEEE Transactions on Knowledge and Data Engineering.
Media Contact
More Information:
http://www.psu.edu/All latest news from the category: Information Technology
Here you can find a summary of innovations in the fields of information and data processing and up-to-date developments on IT equipment and hardware.
This area covers topics such as IT services, IT architectures, IT management and telecommunications.
Newest articles
NASA: Mystery of life’s handedness deepens
The mystery of why life uses molecules with specific orientations has deepened with a NASA-funded discovery that RNA — a key molecule thought to have potentially held the instructions for…
What are the effects of historic lithium mining on water quality?
Study reveals low levels of common contaminants but high levels of other elements in waters associated with an abandoned lithium mine. Lithium ore and mining waste from a historic lithium…
Quantum-inspired design boosts efficiency of heat-to-electricity conversion
Rice engineers take unconventional route to improving thermophotovoltaic systems. Researchers at Rice University have found a new way to improve a key element of thermophotovoltaic (TPV) systems, which convert heat…