Self Healing Cyber Databases Under Malicious Attacks
Peng Liu - Pennsylvania State
Jan 26, 2005
AbstractDatabases, a critical component of most cyber infrastructures such as financial services, motivated 39% of the server volume in 2000. Cyber databases today suffer from serious attacks from insiders and the bad guys that steal the identity of good guys. These attacks are typically in the form of authorized but malicious transactions when being enforced.
With a focus on prevention, traditional database security mechanisms are very limited in tackling such attacks, and the need of attack-resilient database systems with self-healing capability is urgent. In this research, we propose ITDB, a novel self-healing database framework composed of a family of new database survivability techniques. An ITDB system can autonomically estimate, locate, isolate, contain, and repair the damage caused by attacks in such a way that the cyber database can "heal" itself on-the-fly and continue delivering essential services in the face of attacks. An overview of the family of ITDB techniques will be given, but the presentation will focus on two of them,
i.e., proactive damage containment and on-the-fly attack recovery. In addition, experiences in developing the ITDB prototype will also be shared.
About the SpeakerPeng Liu received his BS and MS degrees from the University of Sciences and Technology of China, and Ph.D. degree from George Mason University. He is now an assistant professor of Inform Sciences and Technology at the Pennsylvania State University and Director of the Cyber Security Lab (http://ist.psu.edu/s2/). Dr. Liu is interested in all areas of computer and network security. He has published a monograph and about 50 referred technical papers. Dr. Liu is the founding program co-chair of the ACM Workshop on Survivable and Self Regenerative Systems, the proceedings chair of the 2003 and 2004 ACM Conference on Computer and Communications Security (CCS), and a program committee member of about 20 international conferences, including ACM CCS, WWW, ESORICS, IFIP DBSEC, ACSAC, and IFIP SEC. Dr. Liu is a referee for about 16 international journals, including ACM Transactions on Information and Systems Security, IEEE Internet Computing, IEEE Transactions on Dependable and Secure Computing, and Journal of Computer Security. His research has been sponsored by DARPA, AFRL, NSF, DHS, DOE, NSA, HP, Cisco, 3COM, Japan-JSPS, and PSU. His lab has developed two major prototypes: ITDB, a self healing database system prototype (40,000+ lines of code); and ESVT, an Internet security Experiment Specification and Visualization Toolkit (25,000+ lines of code). Dr. Liu is a recipient of the DOE Early Career PI Award.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.