Prevention of Malicious Transactions in Database Management Systems

Abstract

Database Management Systems are a key component in the information infrastructure of most organizations nowadays so security of DBMS has become more crucial. Several mechanisms needed to protect data, such as authentication, user privileges, encryption, and auditing, have been implemented in commercial DBMS. But still there are some ways through which systems may be affected by malicious transactions. Our definition of malicious transaction is that transaction which the user is not authorized to perform. Even the sequence of the operations in the transaction is not to be violated. Existing intrusion detection systems use logs to detect malicious transactions. Logs are the histories of the transactions committed in the database. The disadvantage of using logs is that they require lot of memory. In addition to this sometimes even after a transaction is detected as malicious it cannot be rolled back. In this thesis we present a method by which we can overcome the uses of logs and can detect malicious transactions before they are committed. We use counting bloom filters to store the sequence of commands in a transaction and use a prevention model for instant detection of malicious transactions. Simulation was carried out for a single user providing sequence of queries varying the size of the CBF from 1 to 15 and no. of hashing functions from 1 to 15.It was concluded that by choosing optimal value of size of CBF and number of hashing functions the detector can be made to prevent a malicious transaction with a probability of almost 99.85%.