zbMATH — the first resource for mathematics

Evaluating the impact of intrusion detection deficiencies on the cost-effectiveness of attack recovery. (English) Zbl 1109.68490
Zhang, Kan (ed.) et al., Information security. 7th international conference, ISC 2004, Palo Alto, CA, USA, September 27–29, 2004. Proceedings. Berlin: Springer (ISBN 3-540-23208-7/pbk). Lecture Notes in Computer Science 3225, 146-157 (2004).
Summary: Traditional secure database systems rely on preventive controls and are very limited in surviving malicious attacks because of intrusion detection deficiencies. ITDB, a Intrusion Tolerant Database prototype system, has been proposed, which can detect intrusions, repair the damage caused by intrusions in a timely manner. In this paper, we evaluate ITDB using TPC-C benchmark. The performance measurements show that ITDB system is cost-effective within reasonable False Alarm Rate and Detection Latency ranges. Our experiment results also indicate that ITDB can achieve good survivability without being seriously affected by various intrusion detection deficiencies. It can provide essential database services in the presence of attacks, and maintain the desired essential (security) properties such as integrity and performance.
For the entire collection see [Zbl 1056.68020].
68P25 Data encryption (aspects in computer science)
68P15 Database theory
Full Text: DOI