Latest COVID-19 Information for Purdue University

The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Ashish Kamra - Purdue University

"Responding to Anomalous Database Requests"

Sep 24, 2008

Download: Video Icon MP4 Video Size: 393.1MB  
Watch on Youtube Watch on YouTube

Abstract

Organizations have recently shown increased interest in database activity monitoring and anomaly detection techniques to safeguard their internal databases. Once an anomaly is detected, a response from the database is needed to contain the effects of the anomaly. However, the problem of issuing an appropriate response to a detected database anomaly has received little attention so far. In this work, we propose a framework and a policy language for issuing a response to a database anomaly based on the characteristics of the anomaly. We also propose a novel approach to dynamically change the state of the access control system in order to contain the damage that may be caused by the anomalous request. We have implemented our mechanisms in the PostgreSQL DBMS and we discuss relevant implementation issues. We have also carried out an experimental evaluation to assess the performance overhead introduced by our response mechanism. The experimental results show that the techniques are very efficient.

About the Speaker

Ashish Kamra is a Phd candidate in School of Electrical and Computer Engineering at Purdue University. He is also enrolled in the interdisciplinary Masters in Information Security degree offered by CERIAS. Ashish received his bachelor's degree in Electronics engineering from Visvesraya Regional College of Engineering, Nagpur (India) in 2001. Prior to joining Purdue in 2004, he worked with Tata Consultancy Services at India for three years in capacity of a Systems Engineer.

Ashish's broad research interests are in the area of data security and privacy. Within this, he is currently developing an intrusion detection and response mechanism for relational databases as part of his Phd thesis.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52 (Suite 050B), West Lafayette Campus. More information...

Ways to Watch

YouTube

Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!