Abstract
In this paper, we describe a system that distinguishes be- tween legitimate and malicious database transactions per- formed by application programs. Our system is particularly useful for protecting against code-modification attacks performed by insiders who have access to and can change the programs' source code to make them execute different queries than those they are expected to execute. Our system works with any type of DBMS and requires minimum modification to application programs.
Date of this Version
11-2014
DOI
10.1145/2660267.2662384
Included in
Engineering Commons, Life Sciences Commons, Medicine and Health Sciences Commons, Physical Sciences and Mathematics Commons