security and error correction detection in 802 1x and gsm
Download
Skip this Video
Download Presentation
Transaction Fusion in the Wake of Information Warfare

Loading in 2 Seconds...

play fullscreen
1 / 25

Security and Error Correction - PowerPoint PPT Presentation


  • 73 Views
  • Uploaded on

Security and Error Correction/Detection in 802.1x and GSM. Transaction Fusion in the Wake of Information Warfare.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Security and Error Correction' - harvey


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
security and error correction detection in 802 1x and gsm

Security and Error Correction/Detection in 802.1x and GSM

Transaction Fusion in the Wake of Information Warfare

Brajendra Panda, Rajesh Yalamanchili Computer Science Department, University of North Dakota Proceedings of the 2001 ACM symposium on Applied Computing March 2001

Sweety Chauhan

October 19, 2005

Information Warfare

CMSC 691I

overview
Overview
  • New and Significant
  • Defensive Information Warfare
  • Previous Work
  • Transaction Fusion Model
  • Recovery Algorithm
  • Conclusion
  • Future work
new and significant
New and Significant
  • The existing recovery techniques
    • first undo all malicious and affected transactions and
    • then redo all affected transactions
  • New
    • a model to fuse groups of malicious and affected transactions
  • Significant
    • by combining transactions, several data items that were required to be accessed multiple times in each individual transaction are now accessed only once in a fused transaction.
    • Acceleration of recovery process
what is information warfare
What is Information Warfare?
  • Any electronic attack intended to disrupt a computer system is termed as “Information Warfare”
  • Defensive information warfare - safeguarding systems from malicious attacks
  • Databases form the prime target for many of the malicious activities carried out by intruders
defensive information warfare

Techniques designed to guard

hardware, software and user data

against threats from both outsiders

as well as from malicious insiders

1. Protect

1. critical to the survival of information

systems

2. can be achieved by gaining an accurate

understanding of the “state” of the

system at any given point in time

e.g. Intrusion Detection Systems

2. Detect

1. assessing damage

2. finding malicious hidden programs

3. locating and closing any back doors

left by an attacker for future reentry

4. recovering data

3. React

Defensive Information Warfare

A functional

paradigm of

defensive

information

warfare

database information attack
Database Information Attack
  • In the protect phase, an attempt is made to prevent an attack on the database.
  • Absolute prevention can never be achieved and hence there is a detect phase.
    • intrusion detection mechanisms to identify attacks
  • Once an attack is detected, react phase makes every effort to
    • completely wipe out the effect of malicious transaction and
    • restore the database to a consistent state, the state database would have reached if there was no malicious transaction
    • must be performed in the shortest time possible
previous work
Previous Work
  • The damage inflicted on a database can spread manifold within a short time
    • when the transactions are interdependant and there is lot of activity in the system
  • Traditional recovery techniques, which deal with media and system failures, are not efficient in dealing with malicious attacks
    • rollback the database to the point of attack
    • all transactions except for the malicious transaction(s) are then redone to bring the database to a consistent state

Highly time-consuming process which is UNACCEPTABLE!!!

traditional recovery techniques
Traditional Recovery Techniques
  • Transaction dependency approach
    • malicious transaction(s) and the transactions that depend on the malicious transaction(s) are considered for recovery purposes.
  • Data dependency approach
    • data items that are affected by the malicious transaction(s) and their dependant data items are restored to their correct values.

log has to be scanned from the point of attack to the end

=> time consuming process

transaction fusion model
Transaction Fusion Model
  • Assumptions:
    • The schedule produced by the scheduler is strictly serializable
    • Blind writes are not allowed
    • The entire schedule is logged and the log cannot be modified or purged by any user
  • Transaction dependency approach
    • fuses a group of transactions into a single transaction
  • Fast and efficient recovery
    • accelerating the redo and undo phases
types of transaction
Types of Transaction
  • Malicious Transaction
  • Authentic Transaction
  • Set Notations
    • malicious transactions (M),
    • authentic transactions (A),
    • affected transactions (F), and
    • unaffected transactions (U)
  • A schedule is a collection of transactions that are interleaved and there exists a partial ordering among the operations of these transactions
definitions i

(Si Sj)

Definitions (I)
  • A transaction Tj is said to be dependant upon another transaction Ti,
    • if there exists a data item x such that Ti is the last committed transaction to update x before Tjreads x.
    • dependency relationship is denoted by Ti → Tj
  • For any two schedules of transactions Si and Sj,
    • combined schedule
      • where Siand Sj do not have any transaction in common
      • the combined effect of executing schedule Sifollowed by Sj
    • Sjis a sub-schedule of Si(Sj⊂sSi ) if
      • Sjcontains all the transactions that are present in Si
      • the order among these transactions is same
definitions ii
Definitions (II)
  • If Sj⊂sSithen the effect of executing Si and undoing all the transactions belonging to Sj is represented by Si Θ Sj
  • Two schedules are said to be value equivalents, if they produce the same final state when they start from the same initial state
example

Dependency Graph

T1

T3

T6

T2

T4

T5

Example

Si : T1, T3, T5, T4, T2, T6

Sj : T1, T2, T6

T4 and T5 depend on T3

T6 depends on T1

T2 depends on T1 and T3

Following steps are carried out for finding Si Θ Sj

  • Dependency graph for original schedule (Si) is drawn first
  • The last transaction in Si (T6) is undone only if it is a leaf node
  • Node representing the transaction undone is deleted and the process is repeated.

Si Θ Sj: T3, T5, T4

model description i
Model Description (I)
  • When an attack by one or more malicious transactions is detected

Step 1: Undo affected and malicious transactions

Step 2: Affected transactions are then re-executed

Step 3: Unaffected transactions are skipped in both undo and redo processes

  • Compensated-for transaction - the transaction that needs to be undone
  • Compensating transaction - the transaction that eliminates the effect of compensated-for transaction
    • a compensating transaction is executed for each transaction that needs to be undone
model description ii
Model Description (II)
  • Fuse transactions wherever possible and execute the fused transactions
  • Significant gain in time
    • one commit incase of a fused transaction rather than multiple commits
    • good chance of dependant transactions being fused into a single transaction
  • Database has a state at any given instant of time.
    • It will change from its current state to another state when one or more transactions commit
    • contemporary transactions- one or more transactions committing at the same time
recovery procedure i
Recovery Procedure (I)
  • variables M_ID and F_ID - generate IDs for the newly formed fused malicious transaction and fused affected transaction
  • variable M_flag serves as a flag to identify the first malicious transaction in a group of malicious transactions
  • F_flag helps in identifying the first affected transaction in a group of affected transactions
recovery procedure ii
Recovery Procedure (II)
  • The function fuse combines the operations belonging to two transactions (T1 and T2) and places them in a single fused transaction (Tf)
  • If the two conditions needed for fusion of writes are satisfied, then both the writes are fused together by calling fuse_writes function
recovery procedure ii algorithm
Recovery Procedure (II)- Algorithm

* Source: Research paper [1]

recovery procedure iii
Recovery Procedure (III)
  • The algorithm is suitable for strict logical logging, where before and after images are not stored
  • In semantic logging, before and after images are stored along with the transaction semantics
    • Undo process – simple and consists of two phases:
      • first phase – the set of data items updated by malicious transactions and affected transactions are determined
      • second phase - the unaffected transactions updating these data items are identified
    • Redo process - same as that of strict logical logging
conclusion
Conclusion
  • Recovery - phase in defensive information warfare
    • Should be carried out in the shortest time possible to minimize denial of service
  • Set of malicious transactions and affected transactions => single fused transaction
    • fused malicious and affected transactions sets are undone in undo process
    • fused affected transactions sets are re-executed in redo process
    • Number of transactions and total number of operations are minimized
    • Executing new fused sets of transactions during recovery expedites the process
future work
Future Work
  • Simulation study of this model
  • Integration of this model in distributed databases and systems
references
References
  • Transaction fusion in the wake of information warfare, Brajendra Panda, Rajesh Yalamanchili March 2001, Proceedings of the 2001 ACM symposium on Applied computing
  • The IWAR range: a laboratory for undergraduate information assurance education, Joseph Schafer, Daniel J. Ragsdale, John R. Surdu, Curtis A. Carver, April 2001, Journal of Computing Sciences in Colleges , Proceedings of the sixth annual CCSC northeastern conference on The journal of computing in small colleges,  Volume 16 Issue 4
  • Emerging technologies for homeland security: Countering terrorism through information technology, Robert Popp, Thomas Armour, Ted Senator, Kristen Numrych , March 2004   Communications of the ACM,  Volume 47 Issue 3
thanks a lot
Thanks a lot …

For Your

Presence

And

Patience

homework
Homework

Presentation Slides, Homework and Research Papers are available at :

www.umbc.edu/~chauhan2/CMSC691I/

ad