Database Isolation and Filtering against Data Corruption Attacks

Meng Yu
Western Illinois University

Wanyu Zang
Western Illinois University

Peng Liu
The Pennsylvania State University, University Park

Various of attacks (e.g., SQL injections) may corrupt data items
in the database systems, which decreases the integrity level of the
database. Intrusion detections systems are becoming more and more
sophisticated to detect such attacks. However,
more advanced detection techniques require more complicated
analyses, e.g, sequential analysis, which incurs detection latency.
If we have an intrusion detection system as a filter for all
system inputs, we will introduce a uniform processing latency to all transactions
of the database system.
In this paper, we propose to use a ``unsafe zone'' to
isolate user's SQL queries from a ``safe zone'' of the database.
In the unsafe zone, we use polyinstitiations and flags for the records
to provide an immediate but different view from that of the safe zone
to the user.
Such isolation has negligible processing latency from the user's view,
while it can significantly improve the integrity level of the
whole database system and reduce the recovery costs.
Our techniques provide different levels of security QoS with
different zones.
Both our analytical and experimental results confirm the effectiveness
of our isolation techniques against data corruption attacks
to the databases. Our techniques can be applied to database systems
to provide multizone isolations with different levels of QoS.

Keywords: database security, integrity level, database isolation

Read Paper Read Paper (in PDF)