Future of Information and Communication Conference (FICC) 2024
4-5 April 2024
Publication Links
IJACSA
Special Issues
Future of Information and Communication Conference (FICC)
Computing Conference
Intelligent Systems Conference (IntelliSys)
Future Technologies Conference (FTC)
International Journal of Advanced Computer Science and Applications(IJACSA), Volume 14 Issue 10, 2023.
Abstract: This paper demonstrates the feasibility of a database reconstruction attack on open-source database engines and presents a defense method against it. We launch a Flush+Reload attack on SQLite, which returns approximate, noisy volumes returned by range queries for a private database. Given the volumes, our database reconstruction uses two al-gorithms, a Modified Clique-Finding algorithm and Match-Extension algorithm, to recover the database. Experiments show that an attacker can reconstruct the victim’s database with a size of 10,000 and a range of 12 with an error rate of up to 0.07% at most. To mitigate the attack, a small dummy data is added to the result volumes of range queries, which makes the approximation more confused. Experimental results show that by adding about 1% of dummy data, an attack success rate (in terms of the number of reconstructed volumes in the database) is reduced to 60% from 100% and an error rate increases to 15% from 0.07%. It is also observed that by adding about 2%of dummy data, the reconstruction is completely failed.
Hyeonwoo Han, Eun-Kyu Lee and Junghee Jo, “A Small Dummy Disrupting Database Reconstruction in a Cache Side-Channel Attack” International Journal of Advanced Computer Science and Applications(IJACSA), 14(10), 2023. http://dx.doi.org/10.14569/IJACSA.2023.01410111
@article{Han2023,
title = {A Small Dummy Disrupting Database Reconstruction in a Cache Side-Channel Attack},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2023.01410111},
url = {http://dx.doi.org/10.14569/IJACSA.2023.01410111},
year = {2023},
publisher = {The Science and Information Organization},
volume = {14},
number = {10},
author = {Hyeonwoo Han and Eun-Kyu Lee and Junghee Jo}
}
Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.