research-article

Intrusion recovery for database-backed web applications

Authors:

Ramesh Chandra,

Nickolai ZeldovichAuthors Info & Claims

SOSP '11: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles

Pages 101 - 114

https://doi.org/10.1145/2043556.2043567

Published: 23 October 2011 Publication History

Abstract

Warp is a system that helps users and administrators of web applications recover from intrusions such as SQL injection, cross-site scripting, and clickjacking attacks, while preserving legitimate user changes. Warp repairs from an intrusion by rolling back parts of the database to a version before the attack, and replaying subsequent legitimate actions. Warp allows administrators to retroactively patch security vulnerabilities---i.e., apply new security patches to past executions---to recover from intrusions without requiring the administrator to track down or even detect attacks. Warp's time-travel database allows fine-grained rollback of database rows, and enables repair to proceed concurrently with normal operation of a web application. Finally, Warp captures and replays user input at the level of a browser's DOM, to recover from attacks that involve a user's browser. For a web server running MediaWiki, Warp requires no application source code changes to recover from a range of common web application vulnerabilities with minimal user input at a cost of 24--27% in throughput and 2--3.2 GB/day in storage.

References

[1]

İ. E. Akkus and A. Goel. Data recovery for web applications. In Proceedings of the 40th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Chicago, IL, Jun--Jul 2010.

[2]

P. Ammann, S. Jajodia, and P. Liu. Recovery from malicious transactions. Transactions on Knowledge and Data Engineering, 14:1167--1185, 2002.

Digital Library

[3]

C. Curino, E. Jones, Y. Zhang, and S. Madden. Schism: a workload-driven approach to database replication and partitioning. Proceedings of the VLDB Endowment, 3(1), 2010.

Digital Library

[4]

Damon Cortesi. Twitter StalkDaily worm postmortem. http://dcortesi.com/2009/04/11/twitter-stalkdaily-worm-postmortem/.

[5]

G. W. Dunlap, S. T. King, S. Cinar, M. Basrai, and P. M. Chen. ReVirt: Enabling intrusion analysis through virtual-machine logging and replay. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation, pages 211--224, Boston, MA, Dec 2002.

Digital Library

[6]

S. Finkelstein, M. Schkolnick, and P. Tiberio. Physical database design for relational databases. ACM Transactions on Database Systems, 13(1):91--128, 1988.

Digital Library

[7]

C. Goldfeder. Gmail snooze with apps script. http://googleappsdeveloper.blogspot.com/2011/07/gmail-snooze-with-apps-script.html.

[8]

D. Goodin. Surfing Google may be harmful to your security. The Register, Aug 2008. http://www.theregister.co.uk/2008/08/09/google_gadget_threats/.

[9]

Google, Inc. Google apps script. http://code.google.com/googleapps/appsscript/.

[10]

S. Gordeychik. Web application security statistics, http://www.webappsec.org/projects/statistics/.

[11]

S. A. Hofmeyr, S. Forrest, and A. Somayaji. Intrusion detection using sequences of system calls. Journal of Computer Security, 6:151--180, 1998.

Digital Library

[12]

M. Y. L. Ip, L. V. Saxton, and V. V. Raghavan. On the selection of an optimal set of indexes. IEEE Trans. Softw. Eng., 9(2): 135--143, 1983.

Digital Library

[13]

A. Joshi, S. King, G. Dunlap, and P. Chen. Detecting past and present intrusions through vulnerability-specific predicates. In Proceedings of the 20th ACM Symposium on Operating Systems Principles, pages 91--104, Brighton, UK, Oct 2005.

Digital Library

[14]

T. Kim, X. Wang, N. Zeldovich, and M. F. Kaashoek. Intrusion recovery using selective re-execution. In Proceedings of the 9th Symposium on Operating Systems Design and Implementation, pages 89--104, Vancouver, Canada, Oct 2010.

Digital Library

[15]

S. T. King and P. M. Chen. Backtracking intrusions. ACM Transactions on Computer Systems, 23(1):51--76. Feb 2005.

Digital Library

[16]

W. Lee, S. J. Stolfo, and P. K. Chan. Learning patterns from Unix process execution traces for intrusion detection. In Proceedings of the AAAI Workshop on AI Approaches in Fraud Detection and Risk Management, pages 50--56, Jul 1997.

[17]

P. Liu, P. Ammann, and S. Jajodia. Rewriting histories: Recovering from malicious transactions. Journal of Distributed and Parallel Databases, 8:7--40, 2000.

Digital Library

[18]

B. Livshits and W. Cui. Spectator: Detection and containment of JavaScript worms. In Proceedings of the 2008 USENIX Annual Technical Conference, Boston, MA, Jun 2008.

Digital Library

[19]

P. Mahajan, R. Kotla, C. C. Marshall. V., Ramasubramanian, T. L. Rodeheffer, D. B. Terry, and T. Wobber. Effective and efficient compromise recovery for weakly consistent replication. In Proceedings of the ACM EuroSys Conference, Nuremberg, Germany, Mar 2009.

Digital Library

[20]

D. W. Margo and M. Seltzer. The case for browser provenance. In Proceedings of the 1st Workshop on the Theory and Practice of Provenance, San Francisco, CA, Feb 2009.

Digital Library

[21]

MediaWiki. MediaWiki. http://www.mediawiki.org.

[22]

J. Mickens, J. Elson, and J. Howell. Mugshot: Deterministic capture and replay for JavaScript applications. In Proceedings of the 7th Symposium on Networked Systems Design and Implementation, San Jose, CA, Apr 2010.

Digital Library

[23]

M. S. Miller, M. Samuel, B. Laurie, I. Awad, and M. Stay. Caja: Safe active content in sanitized JavaScript, 2008. http://code.google.com/p/google-caja/downloads/list.

[24]

K.-K. Muniswamy-Reddy, D. Holland, U. Braun, and M. Seltzer. Provenance-aware storage systems. In Proceedings of the 2006 USENIX Annual Technical Conference, Boston, MA, May-Jun 2006.

Digital Library

[25]

K.-K. Muniswamy-Reddy, U. Braun, D. Holland, P. Macko, D. Maclean, D. W. Margo, M. Seltzer, and R. Smogor, Layering in provenance systems. In Proceedings of the 2009 USENIX Annual Technical Conference, San Diego, CA, Jun 2009.

Digital Library

[26]

K.-K. Muniswamy-Reddy, P. Macko, and M. Seltzer. Provenance for the cloud. In Proceedings of the 8th Conference on File and Storage Technologies, San Jose, CA, Feb 2010.

Digital Library

[27]

National Vulnerability Database. CVE statistics. http://web.nvd.nist.gov/view/vuln/statistics, Feb 2011.

[28]

C. Olston and A. D. Sarma. Ibis: A provenance manager for multi-layer systems. In Proceedings of the 5th Biennial Conference on Innovative Data Systems Research, Pacific Grove, CA, Jan 2011.

[29]

Oracle Corporation. Oracle flashback technology. http://www.oracle.com/technetwork/database/features/availability/flashback-overview-082751.html.

[30]

R. T. Snodgrass and I. Ahn. Temporal databases. IEEE Computer, 19(9):35--42, Sep 1986.

Digital Library

[31]

J. Tyson. Recent Facebook XSS attacks show increasing sophistication. http://theharmonyguy.com/2011/04/21/recent-facebook-xss-attacks/, Apr 2011.

[32]

C. Warrender, S. Forrest, and B. Pearlmutter. Detecting intrusions using system calls: Alternative data models. In Proceedings of the 20th IEEE Symposium on Security and Privacy, Oakland, CA, May 1999.

[33]

K. Wickre. About that fake post. http://googleblog.blogspot.com/2006/10/about-that-fake-post.html.

Cited By

Feng SYe YShi QCheng ZXu XCheng SChoi HZhang XFilkov VRay BZhou M(2024)ROCAS: Root Cause Analysis of Autonomous Driving Accidents via Cyber-Physical Co-mutationProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695530(1620-1632)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695530
Matos DPardal MCorreia M(2023)Sanare: Pluggable Intrusion Recovery for Web ApplicationsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2021.313947220:1(590-605)Online publication date: 1-Jan-2023
https://doi.org/10.1109/TDSC.2021.3139472
Vaz DMatos DPardal MCorreia M(2023)MIRES: Intrusion Recovery for Applications Based on Backend-As-a-ServiceIEEE Transactions on Cloud Computing10.1109/TCC.2022.317898211:2(2011-2027)Online publication date: 1-Apr-2023
https://doi.org/10.1109/TCC.2022.3178982
Show More Cited By

Index Terms

Intrusion recovery for database-backed web applications
1. Information systems
  1. World Wide Web
    1. Web applications
    2. Web services

Recommendations

Automated intrusion recovery for web applications
On database intrusion detection: A Query analytics-based model of normative behavior to detect insider attacks
ICCNS '17: Proceedings of the 2017 7th International Conference on Communication and Network Security

One of the challenges in database security is timely detection of an insider attack. This gets more challenging in the case of sophisticated / expert insiders. Behavioral-based techniques have shown promising results in detecting insider attacks. Most ...
Hacking Exposed Web Applications, Second Edition

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

SOSP '11: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles

October 2011

417 pages

ISBN:9781450309776

DOI:10.1145/2043556

General Chair:
Ted Wobber
MSR Silicon Valley
,
Program Chair:
Peter Druschel
MPI-SWS

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

INESC: Systems and Computer Engineering Institute
SIGOPS: ACM Special Interest Group on Operating Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 23 October 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Funding Sources

Conference

SOSP '11

Sponsor:

INESC
SIGOPS

SOSP '11: ACM SIGOPS 23nd Symposium on Operating Systems Principles

October 23 - 26, 2011

Cascais, Portugal

Acceptance Rates

Overall Acceptance Rate 174 of 961 submissions, 18%

Upcoming Conference

SOSP '25

Sponsor:
sigops

ACM SIGOPS 31st Symposium on Operating Systems Principles

October 13 - 16, 2025

Seoul , Republic of Korea

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

49
Total Citations
View Citations
549
Total Downloads

Downloads (Last 12 months)15
Downloads (Last 6 weeks)1

Reflects downloads up to 22 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Feng SYe YShi QCheng ZXu XCheng SChoi HZhang XFilkov VRay BZhou M(2024)ROCAS: Root Cause Analysis of Autonomous Driving Accidents via Cyber-Physical Co-mutationProceedings of the 39th IEEE/ACM International Conference on Automated Software Engineering10.1145/3691620.3695530(1620-1632)Online publication date: 27-Oct-2024
https://dl.acm.org/doi/10.1145/3691620.3695530
Matos DPardal MCorreia M(2023)Sanare: Pluggable Intrusion Recovery for Web ApplicationsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2021.313947220:1(590-605)Online publication date: 1-Jan-2023
https://doi.org/10.1109/TDSC.2021.3139472
Vaz DMatos DPardal MCorreia M(2023)MIRES: Intrusion Recovery for Applications Based on Backend-As-a-ServiceIEEE Transactions on Cloud Computing10.1109/TCC.2022.317898211:2(2011-2027)Online publication date: 1-Apr-2023
https://doi.org/10.1109/TCC.2022.3178982
Matos DPardal MSilva ACorreia M(2023)μVerum: Intrusion Recovery for Microservice ApplicationsIEEE Access10.1109/ACCESS.2023.329811311(78457-78470)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3298113
Dissanayake NJayatilaka AZahedi MBabar M(2022)An Empirical Study of Automation in Software Security Patch ManagementProceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering10.1145/3551349.3556969(1-13)Online publication date: 10-Oct-2022
https://dl.acm.org/doi/10.1145/3551349.3556969
Qiu ZShao SZhao QJin GSpinellis DGousios GChechik MDi Penta M(2021)Understanding and detecting server-side request races in web applicationsProceedings of the 29th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering10.1145/3468264.3468594(842-854)Online publication date: 20-Aug-2021
https://dl.acm.org/doi/10.1145/3468264.3468594
Gandhi NRoth ESandler BHaeberlen APhan LBarbalace ABhatotia PAlvisi LCadar C(2021)REBOUNDProceedings of the Sixteenth European Conference on Computer Systems10.1145/3447786.3456257(523-539)Online publication date: 21-Apr-2021
https://dl.acm.org/doi/10.1145/3447786.3456257
Qiu ZShao SZhao QJin G(2021)A Characteristic Study of Deadlocks in Database-Backed Web Applications2021 IEEE 32nd International Symposium on Software Reliability Engineering (ISSRE)10.1109/ISSRE52982.2021.00059(510-521)Online publication date: Oct-2021
https://doi.org/10.1109/ISSRE52982.2021.00059
Vaz DMatos DPardal MCorreia M(2020)MIRES: Recovering Mobile Applications based on Backend-as-a-Service from Cyber AttacksMobiQuitous 2020 - 17th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services10.1145/3448891.3448932(262-272)Online publication date: 7-Dec-2020
https://dl.acm.org/doi/10.1145/3448891.3448932
Mitra SHasanuzzaman MSaha S(2020)A Unified Multi-view Clustering Algorithm Using Multi-objective Optimization Coupled with Generative ModelACM Transactions on Knowledge Discovery from Data10.1145/336567314:1(1-31)Online publication date: 3-Feb-2020
https://dl.acm.org/doi/10.1145/3365673
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents