Timing Attacks for Recovering Private Entries from Database Engines
In today’s threat landscape, data security breaches are mostly due to the exploitation of bugs in front-end web applications (e.g. via SQL injection) or to the abuse of misconfigured authorization and access control permissions. This project is concerned with studying inherent a vulnerability in the indexing structures of database management systems that could allow an unauthorized user to retrieve secret information.
CoreLabs researchers have devised an attack that relies solely on the inherent characteristics of the indexing algorithms used by most commercial database management systems. With this new attack technique, an attacker with the ability to make inserts, over a table column indexed with B-trees, can retrieve all the values in this table column.
CoreLabs researchers devised an attack technique that uses a side-channel timing attack in the realm of database indexing algorithms and data structures. This attack exploits the inherent characteristics of the most commonly used indexing data structures and algorithms in today's commercial database management systems. As a result, it is possible to extract privacy-sensitive data from a database. This hold particularly true if indexing is done through B-trees. Further, the attack was successfully executed against the MySQL database engine and could possibly extend to other database engines.
Project Resources:
 |
Futoransky, Ariel; Saura, Damian; Wassbein, Ariel "Timing attacks for recovering private entries from database engines." Black Hat USA 2007 Briefings, August, 2007. Las Vegas, NV, USA. [paper] [presentation] |
|
Futoransky, Ariel; Saura, Damian; Wassbein, Ariel "The ND2DB Attack: Database content extraction using timing attacks on the indexing algorithms." First USENIX Workshop on Offensive Technologies (WOOT), August 2007. Boston, MA, USA. [paper] |