nach oben

Peer-to-Peer Networking and Applications

Erschienen in:

01.09.2016

Data damage assessment and recovery algorithm from malicious attacks in healthcare data sharing systems

verfasst von: Ramzi A. Haraty, Mirna Zbib, Mehedi Masud

Erschienen in: Peer-to-Peer Networking and Applications | Ausgabe 5/2016

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

In a data sharing system in a cloud computing environment, such as health care system, peers or data sources execute transactions on-the-fly in response to user queries without any centralized control. In this case confidential data might be intercepted or read by hackers. We cannot consider any centralized control for securing data since we cannot assume any central third party security infrastructure (e.g., PKI) to protect confidential data in a data sharing system. Securing health information from malicious attacks has become a major concern. However, securing the data from attacks sometimes fail and attackers succeed in inserting malicious data. Hence, this presents a need for fast and efficient damage assessment and recovery algorithms. In this paper, we present an efficient data damage assessment and recovery algorithm to delete malicious transactions and recover affected transactions in a data source in a health care system based on the concept of the matrix. We compare our algorithm with other approaches and show the performance results.

Vorheriger Artikel Guest editorial: Secure cloud computing for mobile health services

Nächster Artikel An intelligent RFID-enabled authentication scheme for healthcare applications in vehicular mobile cloud

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Libicki M, Fellow S (1995) What is information warfare? United States Government Printing, United States

Chu J, Zihui G, Huber R, Ji P, Yates J, Yu Y (2012) ALERT-ID: Analyse Logs of the Network Element in Real Time for Intrusion Detection. Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defences

Kurra K, Panda B, Li W, Hu Y (2015) An Agent based approach to perform damage assessment and recovery efficiently after a cyber attack to ensure E-government database security. Proceedings of the 48th Hawaii International Conference on System Sciences

Hutchinsn W (2006) Information warfare and deception. Inf Sci 9:213–223

Hua D, Xiaolin Q, Guineng Z, Ziyue L (2011) SQRM: an effective solution to suspicious users in database. DBKDA 2011: The Third International Conference on Advances in Databases, Knowledge, and Data Applications, St. Maarten, The Netherlands Antilles

Kim T, Wang X, Zeldovich N, Kaashoek M (2010) Intrusion recovery using selective re-execution. Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation (OSDI ’10), pp. 89–104

Chakraborty A, Majumdar A, Sural S (2010) A column dependency based approach for static and dynamic recovery of databases from malicious transactions. Int J Inf Secur (ACM) 9(1):51–67CrossRef

Panda B, Zhou J (2003) Database damage assessment using a matrix based approach: An intrusion response system. Proceedings of the 7th International Database Engineering and Applications Symposium (IDEAS 2003), pp. 336–341

Panda B, Perrizo W Haraty RA (1994) Secure transaction management and query processing in multilevel secure database systems. Proceedings of the Symposium on Applied Computing. Phoenix, AZ, pp. 363–368

10.

Ning P, Jajodia S (2004) Intrusion detection techniques. Internet Encycl 2:355–368

11.

Megan B (1999) Information warfare: What and how? Carnegie Mellon School of Computer Science. Retrieved from http://www.cs.cmu.edu/~burnsm/InfoWarfare.html

12.

Haeni R (1997) Information warfare an introduction. The George Washington University, Washington DC

13.

Panda B, Haque KA (2002) Extended data dependency approach: a robust way of rebuilding database. Proceedings of the 2002 ACM Symposium on Applied Computing, pp. 445–452

14.

Panda B, Gordano J (1998) Reconstructing the database after electronic attacks. Proceedings of the IFIP TC11 WG 11.3 Twelfth International Working Conference on Database Security XII: Status and Prospects

15.

Ammann P, Jajodia S, Liu P (2002) Recovery from malicious transactions. IEEE Trans Knowl Data Eng 14(5):1167–1185CrossRef

16.

Fu G, Zhu H, Feng Y, Zhu Y, Shi J, Chen M (2008) Fine grained transaction log for data recovery in database system. Third Asia-Pacific Trusted Infrastructure Technologies Conference (IEEE), Washington, DC, USA

17.

Lomet D, Vagena Z, Barga R (2006) Recovery from “Bad” user transactions. SIGMOD, June 27–29, Chicago, Illinois, USA

18.

Ragothaman P, Panda B (2002) Analyzing transaction logs for effective damage assessment. Proceedings of the 16th Annual IFPI WG 11.3 Working Conference on Database and Application Security, pp. 121–134

19.

Haraty RA, Zeitunlian A (2007) Damage assessment and recovery from malicious transactions using data dependency. ISESCO J Sci Technol 3(4):43–50

20.

Zhou J, Panda B, Hu Y (2004) Succinct and fast accessible data structures for database damage assessment. In: Gosh R, Mohanty H (eds) Distributed computing and internet technology. Springer, Berlin, pp 111–119

21.

Zhou J, Panda B (2005) A log independent distributed database damage assessment model. Proceedings of the 2005 I.E. Workshop on Information Assurance and Security, pp. 302–309

22.

Xie M, Zhu H, Feng Y, Hu G (2008) Tracking and repairing damaged databases using before image table. Japan-China Joint Workshop on Frontier of Computer Science and Technology (IEEE), pp. 36–41

23.

Liu P, Yu M (2011) Damage assessment and repair in attack resilient distributed database systems. Assoc Comput Mach (ACM) 33(1):96–107

24.

Lala C, Panda B (2001) Evaluating damage from cyber-attacks: a model and analysis. IEEE Trans Syst Man Cybern 31(4):300–310CrossRef

25.

Ray I, McConnell R, Lunacek M, Kumar V (2004) Reducing damage assessment latency in survivable databases. In: Howard W, Lachlan M (eds) Key technologies for data management. Springer, Berlin, pp 106–111CrossRef

26.

Gray J, Reuter A (1993) Transaction processing concepts and techniques. Morgan Kaufmann, San FranciscoMATH

27.

Bernstein P, Hadzilacos V, Goodman N (1987) Concurrency control and recovery in database systems. Addison-Wesley, Massachusetts

28.

Microsoft Corporation – Northwind and Pubs Sample Databases for SQL Server 2000 (2015) http://www.microsoft.com/en-us/download/details.aspx?id=23654. Retrieved on 10 Mar 2015

Titel: Data damage assessment and recovery algorithm from malicious attacks in healthcare data sharing systems
verfasst von: Ramzi A. Haraty
Mirna Zbib
Mehedi Masud
Publikationsdatum: 01.09.2016
Verlag: Springer US
Erschienen in: Peer-to-Peer Networking and Applications / Ausgabe 5/2016
Print ISSN: 1936-6442
Elektronische ISSN: 1936-6450
DOI: https://doi.org/10.1007/s12083-015-0361-z

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 5/2016

Privacy preserving secure data exchange in mobile P2P cloud healthcare environment

Efficient data integrity auditing for storage security in mobile health cloud

Guest editorial: Secure cloud computing for mobile health services

Underlaid-D2D-assisted cooperative multicast based on social networks

A semi-supervised privacy-preserving clustering algorithm for healthcare

Providing security and fault tolerance in P2P connections between clouds for mHealth services