用于关系数据库篡改检测的半脆弱水印方案

IF 1.1 4区计算机科学 Q4 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Malaysian Journal of Computer Science Pub Date : 2021-01-31 DOI:10.22452/mjcs.vol34no1.1

Saeed Arif Shah, Imran Ali Khan, Syed Zaki Hassan Kazmi, Fariza Hanum Binti Md Nasaruddin

{"title":"用于关系数据库篡改检测的半脆弱水印方案","authors":"Saeed Arif Shah, Imran Ali Khan, Syed Zaki Hassan Kazmi, Fariza Hanum Binti Md Nasaruddin","doi":"10.22452/mjcs.vol34no1.1","DOIUrl":null,"url":null,"abstract":"Most of data over the Internet today is hosted on outsourced third-party servers which are not trusted. Sometimes data is to be distributed to other organizations or individuals for pre-agreed use. In both of these scenarios data is susceptible to malicious tampering so there is a need for some mechanism to verify database integrity. Moreover, the authentication process should be able to differentiate between valid updates and malicious modifications. In this paper, we present a novel semi-fragile watermarking scheme for relational database integrity verification. Besides detection and localization of database tampering, the proposed scheme allows modifications to the data that need periodic updates, without requiring re-watermarking. Watermark embedding is distortion free, as it is done by adjusting the text case of selected data values resulting in retention of semantic meaning of data. Additionally, group-based embedding ensures the localization of tampering up to group level. We implemented a proof of concept application of our watermarking technique. Theoretical analysis and experiments show that even a single value modification can be detected with very high probability besides detection of attacks like tuple insertion and tuple deletion.","PeriodicalId":49894,"journal":{"name":"Malaysian Journal of Computer Science","volume":" ","pages":""},"PeriodicalIF":1.1000,"publicationDate":"2021-01-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"SEMI-FRAGILE WATERMARKING SCHEME FOR RELATIONAL DATABASE TAMPER DETECTION\",\"authors\":\"Saeed Arif Shah, Imran Ali Khan, Syed Zaki Hassan Kazmi, Fariza Hanum Binti Md Nasaruddin\",\"doi\":\"10.22452/mjcs.vol34no1.1\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Most of data over the Internet today is hosted on outsourced third-party servers which are not trusted. Sometimes data is to be distributed to other organizations or individuals for pre-agreed use. In both of these scenarios data is susceptible to malicious tampering so there is a need for some mechanism to verify database integrity. Moreover, the authentication process should be able to differentiate between valid updates and malicious modifications. In this paper, we present a novel semi-fragile watermarking scheme for relational database integrity verification. Besides detection and localization of database tampering, the proposed scheme allows modifications to the data that need periodic updates, without requiring re-watermarking. Watermark embedding is distortion free, as it is done by adjusting the text case of selected data values resulting in retention of semantic meaning of data. Additionally, group-based embedding ensures the localization of tampering up to group level. We implemented a proof of concept application of our watermarking technique. Theoretical analysis and experiments show that even a single value modification can be detected with very high probability besides detection of attacks like tuple insertion and tuple deletion.\",\"PeriodicalId\":49894,\"journal\":{\"name\":\"Malaysian Journal of Computer Science\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":1.1000,\"publicationDate\":\"2021-01-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Malaysian Journal of Computer Science\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.22452/mjcs.vol34no1.1\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Malaysian Journal of Computer Science","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.22452/mjcs.vol34no1.1","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 5

摘要

如今，互联网上的大多数数据都托管在不受信任的外包第三方服务器上。有时，数据将分发给其他组织或个人以供预先商定的使用。在这两种情况下，数据都容易受到恶意篡改，因此需要某种机制来验证数据库的完整性。此外，身份验证过程应该能够区分有效更新和恶意修改。本文提出了一种用于关系数据库完整性验证的半脆弱水印方案。除了检测和定位数据库篡改之外，该方案还允许对需要定期更新的数据进行修改，而无需重新水印。水印嵌入是无失真的，因为它是通过调整所选数据值的文本大小写来实现的，从而保留了数据的语义。此外，基于组的嵌入确保了篡改的本地化到组级别。我们实现了水印技术的概念验证应用。理论分析和实验表明，除了检测元组插入和元组删除等攻击外，即使是单个值的修改也可以被非常高的概率检测到。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

SEMI-FRAGILE WATERMARKING SCHEME FOR RELATIONAL DATABASE TAMPER DETECTION

Most of data over the Internet today is hosted on outsourced third-party servers which are not trusted. Sometimes data is to be distributed to other organizations or individuals for pre-agreed use. In both of these scenarios data is susceptible to malicious tampering so there is a need for some mechanism to verify database integrity. Moreover, the authentication process should be able to differentiate between valid updates and malicious modifications. In this paper, we present a novel semi-fragile watermarking scheme for relational database integrity verification. Besides detection and localization of database tampering, the proposed scheme allows modifications to the data that need periodic updates, without requiring re-watermarking. Watermark embedding is distortion free, as it is done by adjusting the text case of selected data values resulting in retention of semantic meaning of data. Additionally, group-based embedding ensures the localization of tampering up to group level. We implemented a proof of concept application of our watermarking technique. Theoretical analysis and experiments show that even a single value modification can be detected with very high probability besides detection of attacks like tuple insertion and tuple deletion.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Malaysian Journal of Computer Science COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE-COMPUTER SCIENCE, THEORY & METHODS

CiteScore

2.20

自引率

33.30%

发文量

审稿时长

7.5 months

期刊介绍： The Malaysian Journal of Computer Science (ISSN 0127-9084) is published four times a year in January, April, July and October by the Faculty of Computer Science and Information Technology, University of Malaya, since 1985. Over the years, the journal has gained popularity and the number of paper submissions has increased steadily. The rigorous reviews from the referees have helped in ensuring that the high standard of the journal is maintained. The objectives are to promote exchange of information and knowledge in research work, new inventions/developments of Computer Science and on the use of Information Technology towards the structuring of an information-rich society and to assist the academic staff from local and foreign universities, business and industrial sectors, government departments and academic institutions on publishing research results and studies in Computer Science and Information Technology through a scholarly publication. The journal is being indexed and abstracted by Clarivate Analytics'' Web of Science and Elsevier''s Scopus