Skip to main content
SpringerLink
Log in

Dynamic Damage Recovery for Web Databases

  • Published:
Journal of Computer Science and Technology Aims and scope Submit manuscript

Abstract

In the web context, there is an urgent need for a self-healing database system which has the ability to automatically locate and undo a set of transactions that are corrupted by malicious attacks. The metrics of survivability and availability require a database to provide continuous services during the period of recovery, which is referred to as dynamic recovery. In this paper, we present that an extended read operation from a corrupted data would cause damage spreading. We build a fine grained transaction log to record the extended read and write operations while user transactions are processing. Based on that, we propose a dynamic recovery system to implement the damage repair. The system captures damage spreading caused by extended read-write dependency between transactions. It also retains the execution results for blind write transactions and gives a solution to the issues of recovery conflicts caused by forward recovery. Moreover, a confinement activity is imposed on the in-repairing data to prevent a further damage propagation while the data recovery is processing. The performance evaluation in our experiments shows that the system is reliable and highly efficient.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Liu P. Architectures for intrusion tolerant database systems. In Proc. the 18th Annual Computer Security Applications Conference, Las Vegas, USA, Dec. 9-13, 2002, pp.311-322.

  2. Ammann P, Jajodia S, Liu P. Recovery from malicious transactions. IEEE Transactions on Knowledge and Data Engineering, 2002, 14(5): 1167-1185.

    Article  Google Scholar 

  3. Yu M, Liu P, Zang W. Self-healing workflow systems under attacks. In Proc. 24th International Conference on Distributed Computing Systems (ICDCS 2004), Tokyo, Japan, Mar. 24-26, 2004, pp.418-425.

  4. Wang H, Liu P. Modeling and evaluating the survivability of an intrusion tolerant database-system. In Proc. 11th European Symposium on Research in Computer Security, Hamburg, Germany, Sept. 18-20, 2006, pp.207-224.

  5. Panda B, Giordano J. An overview of post information warfare data recovery. In Proc. ACM Symposium on Applied Computing (SAC1998), Atlanta, USA, Feb. 27-Mar. 1, 1998, pp.253-254.

  6. Liu P, Ammann P, Jajodia S. Rewriting histories: Recovering from malicious transactions. Distrib. Parallel Databases, 2000, 8(1): 7-40.

    Article  Google Scholar 

  7. Pilania D, Chiueh T. Design, implementation, and evaluation of an intrusion-resilient database system. Technical Report TR-123, Computer Science Department, State Univ. New York at Stony Brook, 2002.

  8. Rajesh Y, Panda B. Transaction fusion: A model for data recovery from information attacks. Journal of Intelligent Information Systems Attacks, 2004, 23(3): 225-245.

    Article  MATH  Google Scholar 

  9. Ammann p, Jajodia S, McCollum C D. Surviving information warfare attacks on databases. In Proc. IEEE Symposium on Security and Privacy, Oakland, USA, May 3-6, 1997, p.164.

  10. Fu G, Zhu H, Feng Y. Fine grained transaction log for data recovery in database systems. In Proc. the 3rd Asia-Pacific Trusted Infrastructure Technologies Conference, Wuhan, China, Oct. 14-17, 2008, pp.123-131.

  11. Chiueh T, Pilania D. Design, implementation, and evaluation of a repairable database management system. In Proc. the 21st International Conference on Data Engineering, Tokyo, Japan, Apr. 5-8, 2005, pp.1024-1035.

  12. Bai K , Yu M, Liu P. Zero-down-time database damage tracking, quarantine, and cleansing with negligible run-time overhead. In Proc. the 13th European Symposium on Research in Computer Security, M¶alaga, Spain, Oct. 6-8, 2008, pp.161-176.

  13. Bai K, Liu P. A data damage tracking quarantine and recovery (DTQR) scheme for mission-critical database systems. In Proc. the 12th International Conference on Extending Database Technology, Saint Petersburg, Russia, Mar. 24-26, 2009, pp.720-731.

  14. Chiueh T, Bajpai S. Accurate and e±cient inter-transaction dependency tracking. In Proc. the 24th International Conference on Data Engineering (ICDE 2008), Cancun, Mexico, Apr. 7-12, 2008, pp.1209-1218.

  15. Xie M, Zhu H, Feng Y. Tracking and repairing damaged database using before image table. In Proc. the Japan-China Joint Workshop on Frontier of Computer Science and Technology (FCST), Tokyo, Japan, Dec. 27-28, 2008, pp.36-41.

  16. Liu P, Jajodia S. Multi-phase damage confinement in database systems for intrusion tolerance. In Proc. 14th IEEE Workshop on Computer Security Foundations, Cape Breton, Canada, June 11-13, 2001, pp.191-204.

  17. Valsangkar A, Panda B. An architecture for making data available ceaselessly during recovery. In Proc. IAW2003 West Point, USA, June 18-20, 2003, pp.196-202.

  18. Liu P, Jajodia S, McCollum C D. Intrusion confinement by isolation in information systems. Journal of Computer Security, 2000, 8(4): 243-279.

    Google Scholar 

  19. Liu P, Wang H, Li L. Real-time data attack isolation for commercial database applications. J. Netw. Comput. Appl., 2006, 29(4): 294-320.

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, 430074, China

    Hong Zhu (Member,), Ge Fu & Yu-Cai Feng

  2. Brunel University, Uxbridge, UB8 3PH, U.K

    Kevin Lü

Authors
  1. Hong Zhu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ge Fu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yu-Cai Feng
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kevin Lü
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ge Fu.

Additional information

Supported by the National Hi-Tech Research and Development 863 program of China under Grant No. 2006AA01Z430.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Zhu, H., Fu, G., Feng, YC. et al. Dynamic Damage Recovery for Web Databases. J. Comput. Sci. Technol. 25, 548–561 (2010). https://doi.org/10.1007/s11390-010-9344-y

Download citation

  • Received:

  • Revised:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11390-010-9344-y

Keywords

Search

Navigation