Responding to Anomalous Database Requests
Ashish Kamra - Purdue University
Sep 24, 2008Size: 393.1MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractOrganizations have recently shown increased interest in database activity monitoring and anomaly detection techniques to safeguard their internal databases. Once an anomaly is detected, a response from the database is needed to contain the effects of the anomaly. However, the problem of issuing an appropriate response to a detected database anomaly has received little attention so far. In this work, we propose a framework and a policy language for issuing a response to a database anomaly based on the characteristics of the anomaly. We also propose a novel approach to dynamically change the state of the access control system in order to contain the damage that may be caused by the anomalous request. We have implemented our mechanisms in the PostgreSQL DBMS and we discuss relevant implementation issues. We have also carried out an experimental evaluation to assess the performance overhead introduced by our response mechanism. The experimental results show that the techniques are very efficient.
About the SpeakerAshish Kamra is a Phd candidate in School of Electrical and Computer Engineering at Purdue University. He is also enrolled in the interdisciplinary Masters in Information Security degree offered by CERIAS. Ashish received his bachelor's degree in Electronics engineering from Visvesraya Regional College of Engineering, Nagpur (India) in 2001. Prior to joining Purdue in 2004, he worked with Tata Consultancy Services at India for three years in capacity of a Systems Engineer.
Ashish's broad research interests are in the area of data security and privacy. Within this, he is currently developing an intrusion detection and response mechanism for relational databases as part of his Phd thesis.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.