Title :
Evaluating damage from cyber attacks: a model and analysis
Author :
Lala, Chandana ; Panda, Brajendra
Author_Institution :
Unionware Inc., Winnipeg, Man., Canada
fDate :
7/1/2001 12:00:00 AM
Abstract :
Accurate recovery from a cyber attack depends on fast and perfect damage assessment. For damage assessment, traditional recovery methods require that the log of an affected database must be scanned starting from the attacking transaction until the end. This is a time-consuming task. Our objective in this research is to provide techniques that can be used to accelerate the damage appraisal process and produce a correct result. We have presented a damage assessment model and four data structures associated with the model. Each of these structures uses dependency relationships among transactions, which update the database. These relationships are later used to determine exactly which transactions and exactly which data items are affected by the attacker. A performance comparison analysis obtained using simulation is provided to demonstrate the benefit of our model
Keywords :
data structures; database management systems; security of data; system recovery; transaction processing; cyber attacks; damage appraisal; damage evaluation; data structures; database update; dependency relationships; recovery; simulation; Acceleration; Analytical models; Appraisal; Computational modeling; Data structures; History; Intrusion detection; Performance analysis; Protection; Transaction databases;
Journal_Title :
Systems, Man and Cybernetics, Part A: Systems and Humans, IEEE Transactions on
DOI :
10.1109/3468.935047
