Article

Recovery of Business Intelligence Systems: Towards Guaranteed Continuity of Patient Centric Healthcare Systems through a Matrix-Based Recovery Approach

Authors:
To read the full-text of this research, you can request a copy directly from the authors.

Abstract

With the intensive use of the internet, patient centric healthcare systems shifted away from paper-based records towards a computerized format. Electronic patient centric healthcare databases contain information about patients that should be kept available for further reference. Healthcare databases contain potential data that makes them a goal for attackers. Hacking into these systems and publishing their contents online exposes them to a challenge that affects their continuity. Any denial of this service will not be tolerated since we cannot know when we need to retrieve a patient's record. Denial of service affects the continuity of the healthcare system which in turn threatens patients' lives, decreases the efficiency of the healthcare system and increases the operating costs of the attacked healthcare organization. Although there are many defensive security methods that have been devised, nonetheless malicious transactions may find a way to penetrate the secured safeguard and then modify critical data of healthcare databases. When a malicious transaction modifies a patient record in a database, the damage may spread to other records through valid transactions. Therefore, recovery techniques are required. The efficiency of the data recovery algorithm is substantial for e-healthcare systems. A patient cannot wait too long for his/her medical history to be recovered so that the correct medication be prescribed. Nevertheless, in order to have fast data recovery, an efficient damage assessment process should precede the recovery stage. The damage assessment must be performed as the intrusion detection system detects the malicious activity. The execution time of the recovery process is a crucial factor for measuring the performance because it is directly proportional to the denial of service time of any healthcare system. This paper presents a high performance damage assessment and recovery algorithm for e-healthcare systems. The algorithm provides fast damage assessment after an attack by a malicious transaction to keep the availability of the e-healthcare database. Reducing the execution time of recovery is the key target of our algorithm. The proposed algorithm outperforms the existing algorithm. It is about six times faster than the most recent proposed algorithm. In the worst case, the proposed algorithm takes 8.81 ms to discover the damaged part of the database; however, the fastest recent algorithm requires 50.91 ms. In the best case, the proposed algorithm requires 0.43 ms, which is 86 times faster than the fastest recent work. This is a significant reduction of execution time compared with other available approaches. Saving the damage assessment time means shorter denial of service periods, which in turn guarantees the continuity of the patient centric healthcare system.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the authors.

... Another approach was proposed by Haraty et al. (2018). The approach also uses matrices, wherein the matrix is formed by a two-dimensional array of linked lists. ...
... In order to determine the efficiency of our damage assessment algorithms, we have compared our measured performance results with the performance results of previously proposed approaches that were built based on different data structures. In E1 these approaches are: traditional, traditional clustered, and hybrid sub-cluster models, respectively, that were discussed in Haraty et al. (2018). While in E2 we measured the performance of our algorithm by comparing it to other proposed approaches in Haraty et al. (2016Haraty et al. ( , 2018, Haraty and El Saie (2017), Haraty and Mohsen (2014), Kaddoura et al. (2015). ...
... In E1 these approaches are: traditional, traditional clustered, and hybrid sub-cluster models, respectively, that were discussed in Haraty et al. (2018). While in E2 we measured the performance of our algorithm by comparing it to other proposed approaches in Haraty et al. (2016Haraty et al. ( , 2018, Haraty and El Saie (2017), Haraty and Mohsen (2014), Kaddoura et al. (2015). The experiments performed showed promising results in terms of running times. ...
Article
Full-text available
With the advancement of Internet technology and the rise of big data, securing information from malicious attacks has become more important; yet, more challenging. Even though prevention techniques exist, they are not enough to fully secure the data from malicious activities. This dictated the need for a detection and recovery model to assess the damage and bring the database back to its consistent state in case of an attack. This recovery should be done as quickly and efficiently as possible in order to avoid damage propagation and inaccurate access to data. Multiple models have been proposed, and different techniques and data structures were used to recover the database to its reliable state. In this work, we present a superior damage assessment and recovery algorithm that is centered on agents. Our hybrid lightweight approach is based on clustering database transactions based on a given set of criteria using graphs to keep track of transactional dependencies. This way, our model allows for: (1) parallel information processing—which makes recovery more effectual, (2) separation of concerns—which makes it easier to maintain a given data structure, (3) attack/problem isolation where a malicious transaction will be isolated from the remaining unharmed parts of database (the undamaged parts of the database can remain ‘live’ and there is no need to take them offline, and (4) easier scaling as bottlenecks are diminished. The presented approach is compared to other existing ones and exhibited superior performance.
... Researchers have proposed many techniques for the detection of DDoS attacks [11]- [13] for different enviroments such as cloud [14]- [17], [17]- [19], IoT [20]- [23], SDN, VANET [24]- [26] and healthcare [27]- [31]. The author in [32] proposed a DDoS attack detection technique based on game theory. ...
Article
Full-text available
Software Deffned Network (SDN) is a novel way of network management. In SDN, control plane and data plane are separated and the incoming traffic is controlled by control plane. Incoming data packets are not handled by the network switches, if there is no matching entry in the forwarding tables, the inbound packet is routed to the controller, the SDN's operating system, for further processing. However, due to this SDN becomes prime target of Distributed denial of services (DDoS) attack. Due to DDoS attack the services of SDN becomes unavailable to its users. Hence, the purpose of this study is to analysis of machine learning based DDoS attack detection techniques in Software defined network (SDN). We analysis the Scopes indexed papers in this study and present a comparative analysis from them.
... On the other hand, many e-health systems are successfully introduced to the market and the feedback of end-users was extremely positive, which reached an acceptance level of quality and pleasant of customers. These successful and robust systems are resulted from the development of the e-health initiatives that can be utilized in the daily practice of healthcare organizations (Stephanie and Sharma, 2019;Haraty et al., 2018). ...
Article
Purpose This paper aims to introduce the goal-oriented requirements extraction approach (GOREA). It is an elicitation approach that uses, specifically, healthcare business goals to derive the requirements of e-health system to be developed. Design/methodology/approach GOREA consists of two major phases: (1) modelling e-health business requirements phase and (2) modelling e-health information technology (IT) and systems requirements phase. The modelling e-health business requirements phase is divided into two main stages: (1) model e-health business strategy stage and (2) model e-health business environment stage. The modelling e-health IT and systems requirements phase illustrates the process of obtaining requirements of e-health system from the organizational goals that are determined in the previous phase. It consists of four main steps that deal with business goals of e-health system: (1) modelling e-health business process (BP) step; (2) modelling e-health business goals step; (3) analysing e-health business goals step; and (4) eliciting e-health system requirements step. A case study based on the basic operations and services in hospital emergency unit for checking patient against COVID-19 virus and taking its diagnostic testing has been set and used to examine the validity of the proposed approach by achieving the conformance of the developed system to the business goals. Findings The results indicate that (1) the proposed GOREA has a positive influence on the system implementation according to e-health business expectations; and (2) it can successfully fulfil the need of e-health business in order to save the citizens life by checking them against COVID-19 virus. Research limitations/implications The proposed approach has some limitations. For example, it is only validated using one e-health business goal and thus it has to be authenticated with different e-health business goals in order to address different e-health problems. Originality/value Many e-health projects and innovations are not established based on robust system requirements engineering phase. In order to ensure the success delivery of e-health services, all characteristics of e-health systems and applications must be understood in terms of technological perspectives as well as the all system requirements.
... In [25,26], the authors presented a new model aimed at alleviating the drawbacks of [23] related to the parsing problems and increased execution time while dealing with strings. The proposed model used integers to reduce this time. ...
Article
Full-text available
In the current Internet of things era, all companies shifted from paper-based data to the electronic format. Although this shift increased the efficiency of data processing, it has security drawbacks. Healthcare databases are a precious target for attackers because they facilitate identity theft and cybercrime. This paper presents an approach for database damage assessment for healthcare systems. Inspired by the current behavior of COVID-19 infections, our approach views the damage assessment problem the same way. The malicious transactions will be viewed as if they are COVID-19 viruses, taken from infection onward. The challenge of this research is to discover the infected transactions in a minimal time. The proposed parallel algorithm is based on the transaction dependency paradigm, with a time complexity O((M+NQ+N^3)/L) (M = total number of transactions under scrutiny, N = number of malicious and affected transactions in the testing list, Q = time for dependency check, and L = number of threads used). The memory complexity of the algorithm is O(N+KL) (N = number of malicious and affected transactions, K = number of transactions in one area handled by one thread, and L = number of threads). Since the damage assessment time is directly proportional to the denial-of-service time, the proposed algorithm provides a minimized execution time. Our algorithm is a novel approach that outperforms other existing algorithms in this domain in terms of both time and memory, working up to four times faster in terms of time and with 120,000 fewer bytes in terms of memory.
... The topics of healthcare systems and secure sharing of medical records have been studied extensively in the literature. Some previous works proposed novel algorithms to secure healthcare systems [12][13][14][15][16][17]. These algorithms were proposed for pattern discovery and to ensure the consistency and stabilization of medical system's databases to the correct state while. ...
Chapter
Secure sharing of medical data is essential for both patients and providers of various interests. Patients’ main concern is to securely and confidentially have their information stored and shares their sensitive medical records among different providers. Due to the inability of querying hospital’s or doctor’s private databases, the need for an immutable and decentralized database emerges. Blockchain is considered to provide an important role in improving interoperability in health data systems due to its characteristics of sharing and distribution. Many blockchain-based models for sharing medical data are proposed in the literature. However, many of these models do not prioritize the patient’s concerns or interests. In this paper, we propose a patient-driven medical data sharing system using blockchain technology. We show how our model provides both the properties for a patient-driven system and the main security features for secure sharing of healthcare information.
... Analogous to this finding, Torres, Sidorova, and Jones (2018) argue that business intelligence and analytics have a positive impact on organizational performance. Moreover, the heightened need to secure patients' records compels healthcare organizations to become more strategic in protecting data and its possible recovery mechanism (Haraty et al., 2018). ...
Article
Full-text available
This paper aims to investigate the role of business intelligence systems in the relationship between organizational learning culture and organizational performance in the healthcare context. A quantitative approach was applied to identify the hypothesized relationships. Data was obtained from a survey of 217 mid- and top-level hospital managers of healthcare organizations in Bangladesh. Structural equation modeling was used to analyze the data. The findings attested to the effectiveness of the mediating role of business intelligence systems in the relationship between organizational learning culture and organizational performance within healthcare organizations. The theoretical & practical implications of the findings are also discussed. The study data was collected from a single country, which made generalization difficult. Further research should be carried out to replicate the present study with different organizational cultural variables and organizational outcomes, such as patient satisfaction. This study provides a clear direction for hospital managers to invest more resources in an effective learning culture, to be positively mediated by BIS, to eventually enhance their hospitals’ performance. In addition, this study also suggests that hospital managers should focus on building a knowledge-based learning culture to effectively use the information provided by BIS. Despite the prior study on the applications of business intelligence systems and their value to an organization, little is known about the impact of organizational learning culture on business intelligence systems in healthcare organizations. The findings give support to the argument that organizational learning culture plays an important role in business intelligence systems that, in turn, affect business performance.
... On the other hand, many e-health systems are successfully introduced to the market and the feedback of end-users was extremely positive, which reached an acceptance level of quality and pleasant of customers. These successful and robust systems are resulted from the development of the e-health initiatives that can be utilized in the daily practice of healthcare organizations (Stephanie and Sharma, 2019;Haraty et al., 2018). ...
Preprint
UNSTRUCTURED Many e-health projects and innovations are not established based on robust system requirements engineering phase. In order to ensure the success delivery of e-health services to stakeholders, all characteristics of e-health systems and applications must be understood in terms of technological perspectives as well as the all system requirements. Thus, this paper aims to introduce the Goal-Oriented Requirements Extraction Approach (GOREA). It is an elicitation approach that uses, specifically, healthcare business goals to derive the requirements of e-health system to be developed. It consists of two major phases: (1) modelling e-health business requirements phase; and (2) modelling e-health Information Technology (IT) and systems requirements phase. The modelling e-health business requirements phase is divided into two main stages: (1) model e-health business strategy stage; and (2) model e-health business environment stage. The modelling e-health IT and systems requirements phase illustrates the process of obtaining requirements of e-health system from the organizational goals that are determined in the previous phase. It consists of four main steps that deals with business goals of e-health system: (1) modelling e-health business process (BP) step; (2) modelling e-health business goals step; (3) analyzing e-health business goals step; and (4) eliciting e-health system requirements step. A case study based on the basic operations and services in hospital emergency unit for checking patient against COVID-19 virus and taking its diagnostic testing has been set and used to examine the validity of the proposed approach by achieving the conformance of the developed system to the business goals. The results indicate that: (1) the proposed GOREA has a positive influence on the system implementation according to e-health business expectations; and (2) it can successfully fulfil the need of e-health business in order to save the citizens life by checking them against COVID-19 virus.
... Its goal is to integrate a set of heterogeneous resources, to provide online services in the demand for different types of users, that are released from the details of the internal infrastructure, while focusing on their application resource on the net. [4] (Haraty & al, 2017) in [7] presents a high-performance damage assessment and recovery algorithm for e-healthcare systems. The algorithm provides fast damage assessment after an attack, by a malicious transaction to keep the availability of the e-healthcare database. ...
... [10] Haraty et al. (2017) focuses on business continuity challenges in healthcare systems such as hacking, denial of service attacks and malicious transactions. Therefore, this research presents a high-performance damage assessment and recovery algorithm for e-healthcare systems. ...
Article
We define the emerging research field of applied data science as the knowledge discovery process in which analytic systems are designed and evaluated to improve the daily practices of domain experts. We investigate adaptive analytic systems as a novel research perspective of the three intertwining aspects within the knowledge discovery process in healthcare: domain and data understanding for physician- and patient-centric healthcare, data preprocessing and modelling using natural language processing and (big) data analytic techniques, and model evaluation and knowledge deployment through information infrastructures. We align these knowledge discovery aspects with the design science research steps of problem investigation, treatment design, and treatment validation, respectively. We note that the adaptive component in healthcare system prototypes may translate to data-driven personalisation aspects including personalised medicine. We explore how applied data science for patient-centric healthcare can thus empower physicians and patients to more effectively and efficiently improve healthcare. We propose meta-algorithmic modelling as a solution-oriented design science research framework in alignment with the knowledge discovery process to address the three key dilemmas in the emerging “post-algorithmic era” of data science: depth versus breadth, selection versus configuration, and accuracy versus transparency.
Article
Although its structure and strategies are rapidly evolving, the impact of the eHealth on the healthcare services is evident. Implementing eHealth systems on a national level can drastically enhance the health practices and services provided to the patients and community. Hence, the engineering of a new model and a holistic framework for eHealth systems becomes a necessity in order to have an effective implementation of these systems. The vast and rapid development in computers, communication, and Internet technologies has significantly affected the contemporary health systems. However, the complexity of the healthcare environment, the abundance of information, the compatibility and the lack of unified eHealth framework creates real challenges to present efficient and attractive eHealth model that encompasses all these elements. Furthermore, the security of the health records and the secure access to the information add a new dimension of complexity. This work presents a new model and an integrated framework for an efficient implementation of eHealth systems at the national level. The proposed model and framework successfully incorporate all the success factors of efficient eHealth system along with a new security model to access the health records.
Article
Full-text available
Wireless mesh networks (WMNs) are a promising technology that has emerged with the combination of several wireless networks. These wireless networks and devices communicate in a mesh network manner, to provide edge-to-edge, easy, and cost-effective data communication. Many current and future promising applications depend on WMN and one of the most important applications is eHealthcare, where the confidential information transfers with the help of WMN. WMN devices communicate over a wireless medium, which opens the system to a number of vulnerabilities; thus, an intruder can launch malicious activities through many types of attacks that can result in denial of service (DoS). In this paper, the available solutions to overcome these attacks are simulated and evaluated in terms of data packet delivery ratio, end-to-end delay, and network throughput and under different cases of static and mobile WMNs, which helps in providing suggestions to enhance existing protocols and mitigate the effect of DoS caused by such attacks.
Article
Full-text available
The age of Internet technology has introduced new types of attacks to new assets that did not exist before. Databases that represent information assets are subject to attacks that have malicious intentions, such as stealing sensitive data, deleting records or violating the integrity of the database. Many counter measures have been designed and implemented to protect the databases and the information they host from attacks. While preventive measures could be overcome and detection measures could detect an attack late after damage has occurred, there is a need for a recovery algorithm that will recover the database to its correct previous state before the attack. Numerous damage assessment and recovery algorithms have been proposed by researchersIn this work, we present an efficient lightweight detection and recovery algorithm that is based on the matrix approach and that can be used to recover from malicious attacks. We compare our algorithm with other approaches and show the performance results.
Article
Full-text available
We introduce the design and development of a comprehensive electronic health record system (EHR) that incorporates AES encryption to assure security. Our work adopts a didactic approach to introduce the formal design steps of an EHR with its underlying database from a software engineering perspective. For this, we adopt two formal development methodologies as software engineering perspective and database development approach and combine the two to present a guideline to design and develop similar projects in other domains. For informative purposes, the steps of the development process are formalized based on database ER-model, and the final design is normalized into 3NF. We provide insight on rationale for employing specific methodologies, and using particular material and tools.
Article
Full-text available
In a distributed mobile e-health care system, e-health service providers exchange data on the fly in response to user queries without any centralized control. Local databases in e-health service providers might be intercepted during the exchange of data and read by intruders; and malicious transactions may damage data that is highly confidential. In this case any centralized control for securing data cannot be assumed to protect confidential data. Therefore, securing health information from malicious attacks has become a major concern. Although prevention techniques are available, the history of system break-ins guarantees that there is no foolproof technique that totally eliminates security loopholes in a computer system. Hence, efficient damage assessment and recovery techniques are needed. Traditional methods require scanning the entire log from the point of attack to the end which is a slow procedure. In this paper, we present an efficient damage assessment and recovery algorithm to recover the database from malicious transactions. The algorithm is based on data dependency and uses a single matrix. The results of this work prove that our algorithm performs better than the other algorithms in both the damage assessment and the recovery stages.
Article
Full-text available
In a data sharing system in a cloud computing environment, such as health care system, peers or data sources execute transactions on-the-fly in response to user queries without any centralized control. In this case confidential data might be intercepted or read by hackers. We cannot consider any centralized control for securing data since we cannot assume any central third party security infrastructure (e.g., PKI) to protect confidential data in a data sharing system. Securing health information from malicious attacks has become a major concern. However, securing the data from attacks sometimes fail and attackers succeed in inserting malicious data. Hence, this presents a need for fast and efficient damage assessment and recovery algorithms. In this paper, we present an efficient data damage assessment and recovery algorithm to delete malicious transactions and recover affected transactions in a data source in a health care system based on the concept of the matrix. We compare our algorithm with other approaches and show the performance results.
Article
Full-text available
ith the advancement of Internet technology, securing information systems from electronic attacks have become a significant concern. With all the preventive me- thods, malicious users still find new methods that over- come the system security, and access and modify the sensitive information. To make the process of damage asses- sment and recovery fast and efficient and in order not to scan the whole log, resear- chers have proposed different methods for segmenting the log, and accordingly presented different damage assessment and recovery algorithms. Since even segmenting the log into clusters may not solve the problem, as clusters/segments may grow to be humongous in size, this is in case of high data/transaction dependency, we suggest a method for seg- menting the log into clusters and its sub-clusters; i.e, seg- menting the cluster; based on exact data dependency (12), into sub-clusters; based on two different criteria: number of data items or space occu- pied. In this work, we also present damage assessment and recovery algorithms, and show the performance results.
Article
Full-text available
The Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 that was signed into law as part of the "stimulus package" represents the largest US initiative to date that is designed to encourage widespread use of electronic health records (EHRs). In light of the changes anticipated from this policy initiative, the purpose of this paper is to review and summarize the literature on the benefits and drawbacks of EHR systems. Much of the literature has focused on key EHR functionalities, including clinical decision support systems, computerized order entry systems, and health information exchange. Our paper describes the potential benefits of EHRs that include clinical outcomes (eg, improved quality, reduced medical errors), organizational outcomes (eg, financial and operational benefits), and societal outcomes (eg, improved ability to conduct research, improved population health, reduced costs). Despite these benefits, studies in the literature highlight drawbacks associated with EHRs, which include the high upfront acquisition costs, ongoing maintenance costs, and disruptions to workflows that contribute to temporary losses in productivity that are the result of learning a new system. Moreover, EHRs are associated with potential perceived privacy concerns among patients, which are further addressed legislatively in the HITECH Act. Overall, experts and policymakers believe that significant benefits to patients and society can be realized when EHRs are widely adopted and used in a "meaningful" way.
Conference Paper
Full-text available
An intrusion tolerant database uses damage assessment techniques to detect damage propagation scales in a corrupted database system. Traditional damage assessment approaches in a intrusion tolerant database system can only locate damages which are caused by reading corrupted data. In fact, there are many other damage spreading patterns that have not been considered in traditional damage assessment model. In this paper, we systematically analyze inter-transaction dependency relationships that have been neglected in the previous research and propose four different dependency relationships between transactions which may cause damage propagation. We extend existing damage assessment model based on the four novel dependency relationships. The essential properties of our model is also discussed.
Chapter
In a real-time database, correctness of transaction depends not only on the correct implementation, but also depends on the effectiveness of time. Traditional database recovery strategies are adopted to undo all malicious transactions and affected transactions, and then redo the affected transactions. This time-consuming recovery process is not acceptable for real-time databases. Sometimes a transaction may have already exceeded its implementation period, and thus lose the meaning of recovery. By assessing the repair necessity for the affected transaction, a recovery approach is proposed to decide whether to recovery, and then fuse malicious transactions and valuable affected transactions. By this way it can significantly reduce the required number of the transactions needed to undo and redo, avoid worthless recovery operations, and reduce the system I/O and log scanning. So the recovery can be finished in an efficient time.
Article
For maintaining the consistency of database, the recovery algorithms traditionally depend on complete rollback to a consistent checkpoint. The recovery problem from committed malicious transactions can be solved by determining the dependencies between the transactions in window of vulnerability. Since the size of transactional log may grow very large, recovery becomes a complex and time-consuming process. In this paper, we propose an approach which incorporates application specific information to determine transactional dependencies. The approach is applied to column based transaction dependency to obtain better performance. The system is implemented at application layer where SQL queries are generated. In recovery phase, we consider only affected and malicious transactions for rollback and skip the good transactions.
Article
Today's computer systems are vulnerable both to abuse by insiders and to penetration by outsiders, as evidenced by the growing number of incidents reported in the press. To close all security loopholes from today's systems is infeasible, and no combination of technologies can prevent legitimate users from abusing their authority in a system; thus auditing is viewed as the last line of defense.Over the past several years, the computer security community has been developing automated tools to analyze computer system audit data for suspicious user behavior. This paper describes the use of such tools for detecting computer system intrusion and describes further technologies that may be of use for intrusion detection in the future.
Conference Paper
Recovery from information attacks is a difficult task as database management systems are not designed to deal with malicious committed transactions, Few existing methods developed for this purpose heavily rely on logs and require that the log must not be purged. This causes the log grow tremendously and, therefore, making recovery a prolonged process since scanning the log takes enormous amount of time. Hence, it is necessary to identi~ and skip parts of logs that contain unaffected operations. In this research, we have used data dependency approach to divide a log into multiple segments, each segment containing only related operations. We have presented the model and the algorithm for log clustering which will significantly enhance the performance of database recovery for defensive information warfare.
Conference Paper
RETRO repairs a desktop or server after an adversary compromises it, by undoing the adversary's changes while preserving legitimate user actions, with minimal user involvement. During normal operation, RETRO records an action history graph, which is a detailed dependency graph describing the system's execution. RETRO uses refinement to describe graph objects and actions at multiple levels of abstraction, which allows for precise dependencies. During repair, RETRO uses the action history graph to undo an unwanted action and its indirect effects by first rolling back its direct effects, and then reexecuting legitimate actions that were influenced by that change. To minimize user involvement and re-execution, RETRO uses predicates to selectively re-execute only actions that were semantically affected by the adversary's changes, and uses compensating actions to handle external effects. An evaluation of a prototype of RETRO for Linux with 2 real-world attacks, 2 synthesized challenge attacks, and 6 attacks from previous work, shows that RETRO can often repair the system without user involvement, and avoids false positives and negatives from previous solutions. These benefits come at the cost of 35-127% in execution time overhead and of 4-150 GB of log space per day, depending on the workload. For example, a HotCRP paper submission web site incurs 35% slowdown and generates 4 GB of logs per day under the workload from 30 minutes prior to the SOSP 2007 deadline.
Article
Preventive measures sometimes fail to defect malicious attacks. With attacks on data-intensive applications becoming an ever more serious threat, intrusion tolerant database systems are a significant concern. The main objective of such systems is to detect attacks, and to assess and repair the damage in a timely manner. This paper focuses on efficient damage assessment and repair in distributed database systems. The complexity caused by data partition, distributed transaction processing, and failures makes intrusion recovery much more challenging than in centralized database systems. This paper identifies the key challenges and presents an efficient algorithm for distributed damage assessment and repair.
Article
Even state of the art database protection mechanisms often fail to prevent occurrence of malicious attacks. Since in a database environment, the modifications made by one transaction may affect the execution of some of the later transactions, it leads to spreading of the damage caused by malicious (bad) transactions. Following traditional log-based recovery schemes, one can rollback (undo) the effect of all the transactions, both malicious as well as non-malicious. In such a scenario, even the unaffected transactions are also rolled back. In this paper, we propose a column dependency-based approach to identify the affected transactions which need to be compensated along with the malicious transactions. To ensure durability, committed non-malicious transactions are then re-executed in a manner that retains database consistency. We present a static recovery algorithm as well as an on-line version of the same and prove their correctness. A detailed performance evaluation of the proposed scheme with TPC-C benchmark suite is also presented.
Conference Paper
Fuzzy dependency in a database delineates a loose dependency relationship between two sets of attributes. It describes logical relationships among attributes in a database relation and those relationships can't be fully specified by functional dependencies, which focus on database schema and data organization. This characteristic of the database schema can be used to perform damage assessment and also to build fuzzy recovery model. In this paper, we formally define the concept of fuzzy dependency and introduce several inference rules. Then we focus on recovery from information attacks. An architecture for fuzzy value generation during recovery, based on fuzzy dependency relationships, is also presented. Fuzzy dependency can accelerate the post attack recovery process because it can generate acceptable values for damaged data quicker compared to that in traditional recovery schemes. Although the generated fuzzy values may not offer the absolute accuracy, they are acceptable for many real-time applications, which require prompt response more than the data accuracy.
Conference Paper
When an attacker or a malicious user updates a database, the resulting damage can spread to other parts of the database through valid users. A fast and accurate damage assessment must be performed as soon as such an attack is detected. In this paper, we have discussed two approaches for damage assessment in an affected database. While the first one uses transaction dependency relationships to determine affected transactions, the second approach considers data dependency relationships to identify affected data items for future recovery. These relationships are stored in a matrix format for faster manipulation.
Cybersecurity for Hospitals and Healthcare Facilities: A Guide to Detection and Prevention
  • L Ayala
Ayala, L., 2016. Cybersecurity for Hospitals and Healthcare Facilities: A Guide to Detection and Prevention. Apress, Berkeley, CA.
Efficient damage propagation detection for compromised database systems
  • G Fu
  • H Zhang
  • X Liu
Fu, G., Zhang, H., Liu, X., 2013. Efficient damage propagation detection for compromised database systems. J. Network Inf. Secur. 4 (1), 1-13.
Efficient damage assessment and recovery using fast mapping
  • R A Haraty
  • H Mohsen
Haraty, R.A., Mohsen, H., 2014. Efficient damage assessment and recovery using fast mapping. In: Proceedings of the Twenty Third International Conference on Software Engineering and Data Engineering (SEDE 2014), New Orleans, Louisiana, USA.
Data damage assessment and recovery algorithm from malicious attacks in healthcare data sharing systems
  • R A Haraty
  • M Zbib
  • M Masud
Haraty, R.A., Zbib, M., Masud, M., 2016. Data damage assessment and recovery algorithm from malicious attacks in healthcare data sharing systems. J Peer-to-Peer Networking Appl. http://dx.doi.org/10.1007/s12083-015-0361-z, 9(5), pp. 812-823.
SQRM: an effective solution to suspicious users in database
  • D Hua
  • Q Xiaolin
  • A Guineng
Hua, D., Xiaolin, Q., Guineng, A., 2011. SQRM: an effective solution to suspicious users in database. In: Proceedings of the Third International Conference on Advances in Databases, Knowledge, and Data Applications, St. Maarten, The Netherlands Antilles.
Implementation of security algorithms for u-health monitoring system
  • P Jiho
  • L Yong-Gyu
  • Y Gilwon
Jiho, P., Yong-Gyu, L., Gilwon, Y., 2012. Implementation of security algorithms for u-health monitoring system. Int. J. Comp. Electr. Autom. Control Inf. Eng.(6).
E-Healthcare Systems and Wireless Communications Current and Future Challenges
  • M K Watfa
Watfa, M.K., 2011. E-Healthcare Systems and Wireless Communications Current and Future Challenges. Medical Information Science Reference, Hershey, PA.
Tracking and repairing damaged databases using before image table
  • M Xie
  • H Zhu
  • Y Feng
  • G Hu
Xie, M., Zhu, H., Feng, Y., Hu, G., 2008. Tracking and repairing damaged databases using before image table. In: Proceedings of the Japan-China Joint Workshop on Frontier of Computer Science and Technology (FCST '08), Nagasaki, Japan. IEEE Computer Society, Washington, DC, USA.
Microsoft SQL Server Management Studio Express
Microsoft Corporation, 2016, Microsoft SQL Server Management Studio Express, Inc. website https://www.microsoft.com/en-us/download/details.aspx?id=8961. Oracle Corporation, 2016a, Java Inc. website http://www.oracle.com/technetwork/java/index.html. Oracle Corporation, 2016b, NetBeans IDE, Inc. website https://netbeans.org/.