Publications

Intrusion detection systems can detect a malicious transaction in a database. However, sometimes this process takes time and the detection occurs after the transaction commits. Databases cannot take any action in this case and the damage will spread to a certain part of the database. There are some methods to recover the damaged part of the database. Nevertheless, any recovery algorithm should be fast in order to decrease denial of service time. In this paper, we present a new damage assessment and recovery approach that recovers the database from malicious transactions in the least possible time. The algorithm exploits the data dependency approach to store the needed log file data in a single matrix that will be later used during recovery.