Command injection attacks, continuations, and the Lambek calculus

Directory of Open Access Journals (Sweden)

Hayo Thielecke

2016-06-01

Full Text Available This paper shows connections between command injection attacks, continuations, and the Lambek calculus: certain command injections, such as the tautology attack on SQL, are shown to be a form of control effect that can be typed using the Lambek calculus, generalizing the double-negation typing of continuations. Lambek's syntactic calculus is a logic with two implicational connectives taking their arguments from the left and right, respectively. These connectives describe how strings interact with their left and right contexts when building up syntactic structures. The calculus is a form of propositional logic without structural rules, and so a forerunner of substructural logics like Linear Logic and Separation Logic.

Preventing SQL Injection through Automatic Query Sanitization with ASSIST

Directory of Open Access Journals (Sweden)

Raymond Mui

2010-09-01

Full Text Available Web applications are becoming an essential part of our everyday lives. Many of our activities are dependent on the functionality and security of these applications. As the scale of these applications grows, injection vulnerabilities such as SQL injection are major security challenges for developers today. This paper presents the technique of automatic query sanitization to automatically remove SQL injection vulnerabilities in code. In our technique, a combination of static analysis and program transformation are used to automatically instrument web applications with sanitization code. We have implemented this technique in a tool named ASSIST (Automatic and Static SQL Injection Sanitization Tool for protecting Java-based web applications. Our experimental evaluation showed that our technique is effective against SQL injection vulnerabilities and has a low overhead.

Menangkal Serangan SQL Injection Dengan Parameterized Query

Directory of Open Access Journals (Sweden)

Yulianingsih Yulianingsih

2016-06-01

Full Text Available Semakin meningkat pertumbuhan layanan informasi maka semakin tinggi pula tingkat kerentanan keamanan dari suatu sumber informasi. Melalui tulisan ini disajikan penelitian yang dilakukan secara eksperimen yang membahas tentang kejahatan penyerangan database secara SQL Injection. Penyerangan dilakukan melalui halaman autentikasi dikarenakan halaman ini merupakan pintu pertama akses yang seharusnya memiliki pertahanan yang cukup. Kemudian dilakukan eksperimen terhadap metode Parameterized Query untuk mendapatkan solusi terhadap permasalahan tersebut.   Kata kunci— Layanan Informasi, Serangan, eksperimen, SQL Injection, Parameterized Query.

SiC: An Agent Based Architecture for Preventing and Detecting Attacks to Ubiquitous Databases

OpenAIRE

Pinzón, Cristian; de Paz Santana, Yanira; Bajo Pérez, Javier; Abraham, Ajith P.; Corchado Rodríguez, Juan M.

2009-01-01

One of the main attacks to ubiquitous databases is the structure query language (SQL) injection attack, which causes severe damages both in the commercial aspect and in the user’s confidence. This chapter proposes the SiC architecture as a solution to the SQL injection attack problem. This is a hierarchical distributed multiagent architecture, which involves an entirely new approach with respect to existing architectures for the prevention and detection of SQL injections. SiC incorporates a k...

INVESTIGATION OF NEURAL NETWORK ALGORITHM FOR DETECTION OF NETWORK HOST ANOMALIES IN THE AUTOMATED SEARCH FOR XSS VULNERABILITIES AND SQL INJECTIONS

Directory of Open Access Journals (Sweden)

Y. D. Shabalin

2016-03-01

Full Text Available A problem of aberrant behavior detection for network communicating computer is discussed. A novel approach based on dynamic response of computer is introduced. The computer is suggested as a multiple-input multiple-output (MIMO plant. To characterize dynamic response of the computer on incoming requests a correlation between input data rate and observed output response (outgoing data rate and performance metrics is used. To distinguish normal and aberrant behavior of the computer one-class neural network classifieris used. General idea of the algorithm is shortly described. Configuration of network testbed for experiments with real attacks and their detection is presented (the automated search for XSS and SQL injections. Real found-XSS and SQL injection attack software was used to model the intrusion scenario. It would be expectable that aberrant behavior of the server will reveal itself by some instantaneous correlation response which will be significantly different from any of normal ones. It is evident that correlation picture of attacks from different malware running, the site homepage overriding on the server (so called defacing, hardware and software failures will differ from correlation picture of normal functioning. Intrusion detection algorithm is investigated to estimate false positive and false negative rates in relation to algorithm parameters. The importance of correlation width value and threshold value selection was emphasized. False positive rate was estimated along the time series of experimental data. Some ideas about enhancement of the algorithm quality and robustness were mentioned.

SiC: An Agent Based Architecture for Preventing and Detecting Attacks to Ubiquitous Databases

Science.gov (United States)

Pinzón, Cristian; de Paz, Yanira; Bajo, Javier; Abraham, Ajith; Corchado, Juan M.

One of the main attacks to ubiquitous databases is the structure query language (SQL) injection attack, which causes severe damages both in the commercial aspect and in the user’s confidence. This chapter proposes the SiC architecture as a solution to the SQL injection attack problem. This is a hierarchical distributed multiagent architecture, which involves an entirely new approach with respect to existing architectures for the prevention and detection of SQL injections. SiC incorporates a kind of intelligent agent, which integrates a case-based reasoning system. This agent, which is the core of the architecture, allows the application of detection techniques based on anomalies as well as those based on patterns, providing a great degree of autonomy, flexibility, robustness and dynamic scalability. The characteristics of the multiagent system allow an architecture to detect attacks from different types of devices, regardless of the physical location. The architecture has been tested on a medical database, guaranteeing safe access from various devices such as PDAs and notebook computers.

Rising Trend: Complex and sophisticated attack methods

Indian Academy of Sciences (India)

Stux, DuQu, Nitro, Luckycat, Exploit Kits, FLAME. ADSL/SoHo Router Compromise. Botnets of compromised ADSL/SoHo Routers; User Redirection via malicious DNS entry. Web Application attacks. SQL Injection, RFI etc. More and more Webshells. More utility to hackers; Increasing complexity and evading mechanisms.

Fatal injection: a survey of modern code injection attack countermeasures

Directory of Open Access Journals (Sweden)

Dimitris Mitropoulos

2017-11-01

Full Text Available With a code injection attack (CIA an attacker can introduce malicious code into a computer program or system that fails to properly encode data that comes from an untrusted source. A CIA can have different forms depending on the execution context of the application and the location of the programming flaw that leads to the attack. Currently, CIAs are considered one of the most damaging classes of application attacks since they can severely affect an organisation’s infrastructure and cause financial and reputational damage to it. In this paper we examine and categorize the countermeasures developed to detect the various attack forms. In particular, we identify two distinct categories. The first incorporates static program analysis tools used to eliminate flaws that can lead to such attacks during the development of the system. The second involves the use of dynamic detection safeguards that prevent code injection attacks while the system is in production mode. Our analysis is based on nonfunctional characteristics that are considered critical when creating security mechanisms. Such characteristics involve usability, overhead, implementation dependencies, false positives and false negatives. Our categorization and analysis can help both researchers and practitioners either to develop novel approaches, or use the appropriate mechanisms according to their needs.

Automatically Preparing Safe SQL Queries

Science.gov (United States)

Bisht, Prithvi; Sistla, A. Prasad; Venkatakrishnan, V. N.

We present the first sound program source transformation approach for automatically transforming the code of a legacy web application to employ PREPARE statements in place of unsafe SQL queries. Our approach therefore opens the way for eradicating the SQL injection threat vector from legacy web applications.

Detection of Cross Site Scripting Attack in Wireless Networks Using n-Gram and SVM

Directory of Open Access Journals (Sweden)

Jun-Ho Choi

2012-01-01

Full Text Available Large parts of attacks targeting the web are aiming at the weak point of web application. Even though SQL injection, which is the form of XSS (Cross Site Scripting attacks, is not a threat to the system to operate the web site, it is very critical to the places that deal with the important information because sensitive information can be obtained and falsified. In this paper, the method to detect themalicious SQL injection script code which is the typical XSS attack using n-Gram indexing and SVM (Support Vector Machine is proposed. In order to test the proposed method, the test was conducted after classifying each data set as normal code and malicious code, and the malicious script code was detected by applying index term generated by n-Gram and data set generated by code dictionary to SVM classifier. As a result, when the malicious script code detection was conducted using n-Gram index term and SVM, the superior performance could be identified in detecting malicious script and the more improved results than existing methods could be seen in the malicious script code detection recall.

Understanding network hacks attack and defense with Python

CERN Document Server

Ballmann, Bastian

2015-01-01

This book explains how to see one's own network through the eyes of an attacker, to understand their techniques and effectively protect against them. Through Python code samples the reader learns to code tools on subjects such as password sniffing, ARP poisoning, DNS spoofing, SQL injection, Google harvesting and Wifi hacking. Furthermore the reader will be introduced to defense methods such as intrusion detection and prevention systems and log file analysis by diving into code.

Commix: Automating Evaluation and Exploitation of Command Injection Vulnerabilities in Web Applications

OpenAIRE

Stasinopoulos, Anastasios; Ntantogian, Christoforos; Xenakis, Christos

2018-01-01

Despite the prevalence and the high impact of command injection attacks, little attention has been given by the research community to this type of code injections. Although there are many software tools to detect and exploit other types of code injections, such as SQL injections or Cross Site Scripting, there is no dedicated and specialized software that detects and exploits, automatically, command injection vulnerabilities. This paper proposes an open source tool that automates the process o...

Large-Scale Analysis of Remote Code Injection Attacks in Android Apps

Directory of Open Access Journals (Sweden)

Hyunwoo Choi

2018-01-01

Full Text Available It is pretty well known that insecure code updating procedures for Android allow remote code injection attack. However, other than codes, there are many resources in Android that have to be updated, such as temporary files, images, databases, and configurations (XML and JSON. Security of update procedures for these resources is largely unknown. This paper investigates general conditions for remote code injection attacks on these resources. Using this, we design and implement a static detection tool that automatically identifies apps that meet these conditions. We apply the detection tool to a large dataset comprising 9,054 apps, from three different types of datasets: official market, third-party market, and preinstalled apps. As a result, 97 apps were found to be potentially vulnerable, with 53 confirmed as vulnerable to remote code injection attacks.

Large-Scale Analysis of Remote Code Injection Attacks in Android Apps

OpenAIRE

Choi, Hyunwoo; Kim, Yongdae

2018-01-01

It is pretty well known that insecure code updating procedures for Android allow remote code injection attack. However, other than codes, there are many resources in Android that have to be updated, such as temporary files, images, databases, and configurations (XML and JSON). Security of update procedures for these resources is largely unknown. This paper investigates general conditions for remote code injection attacks on these resources. Using this, we design and implement a static detecti...

Expert T-SQL window functions in SQL Server

CERN Document Server

Kellenberger, Kathi

2015-01-01

Expert T-SQL Window Functions in SQL Server takes you from any level of knowledge of windowing functions and turns you into an expert who can use these powerful functions to solve many T-SQL queries. Replace slow cursors and self-joins with queries that are easy to write and fantastically better performing, all through the magic of window functions. First introduced in SQL Server 2005, window functions came into full blossom with SQL Server 2012. They truly are one of the most notable developments in SQL in a decade, and every developer and DBA can benefit from their expressive power in sol

SQLdefend: An automated detection and prevention technique for ...

African Journals Online (AJOL)

SQL injection attacks (SQLIAs), one of the most foremost threats to Web applications is an attacking technique in which specially crafted input string result in illegal queries to a database. An SQL injection attack target interactive Web applications that employ database services. In this paper, we propose SQLDefend as a ...

SQL Hacks

CERN Document Server

Cumming, Andrew

2009-01-01

Whether you're running Access, MySQL, SQL Server, Oracle, or PostgreSQL, this book will help you push the limits of traditional SQL to squeeze data effectively from your database. SQL Hacks offers 100 hacks -- unique tips and tools -- that bring you the knowledge of experts who apply what they know in the real world to help you take full advantage of the expressive power of SQL. You'll find practical techniques to address complex data manipulation problems.

SQL Tuning

CERN Document Server

Tow, Dan

2003-01-01

A poorly performing database application not only costs users time, but also has an impact on other applications running on the same computer or the same network. SQL Tuning provides an essential next step for SQL developers and database administrators who want to extend their SQL tuning expertise and get the most from their database applications.There are two basic issues to focus on when tuning SQL: how to find and interpret the execution plan of an SQL statement and how to change SQL to get a specific alternate execution plan. SQL Tuning provides answers to these questions and addresses a third issue that's even more important: how to find the optimal execution plan for the query to use.Author Dan Tow outlines a timesaving method he's developed for finding the optimum execution plan--rapidly and systematically--regardless of the complexity of the SQL or the database platform being used. You'll learn how to understand and control SQL execution plans and how to diagram SQL queries to deduce the best executio...

Overview of NoSQL and comparison with SQL database ...

African Journals Online (AJOL)

Overview of NoSQL and comparison with SQL database management systems. ... Abstract. The increasing need for space in the database community has caused the revolution named NoSQL ‗Not Only SQL'. ... HOW TO USE AJOL.

Joe Celko's SQL for Smarties Advanced SQL Programming

CERN Document Server

Celko, Joe

2010-01-01

SQL for Smarties was hailed as the first book devoted explicitly to the advanced techniques needed to transform an experienced SQL programmer into an expert. Now, 15 years later and in its fourth edition, this classic reference still reigns supreme as the only book written by a SQL master that teaches programmers and practitioners to become SQL masters themselves! These are not just tips and techniques; also offered are the best solutions to old and new challenges. Joe Celko conveys the way you need to think in order to get the most out of SQL programming efforts for both correctness and perfo

NoSQL and SQL Databases for Mobile Applications. Case Study: MongoDB versus PostgreSQL

Directory of Open Access Journals (Sweden)

Marin FOTACHE

2013-01-01

Full Text Available Compared with "classical" web, multi-tier applications, mobile applications have common and specific requirements concerning data persistence and processing. In mobile apps, database features can be distinctly analyzed for the client (minimalistic, isolated, memory-only and the server (data rich, centralized, distributed, synchronized and disk-based layers. Currently, a few lite relational database products reign the persistence for client platforms of mobile applications. There are two main objectives of this paper. First is to investigate storage options for major mobile platforms. Second is to point out some major differences between SQL and NoSQL datastores in terms of deployment, data model, schema design, data definition and manipulation. As NoSQL movement lacks standardization, from NoSQL products family MongoDB was chosen as reference, due to its strengths and popularity among developers. PostgreSQL serves the position of SQL DBMSs representative due to its popularity and conformity with SQL standards.

SQL Pocket Guide

CERN Document Server

Gennick, Jonathan

2010-01-01

If you're a programmer or database administrator who uses SQL in your day-to-day work, this popular pocket guide is the ideal on-the-job reference. You'll find many examples that address the language's complexity, along with key aspects of SQL used in IBM DB2 Release 9.7, MySQL 5.1, Oracle Database 11g Release 2, PostgreSQL 9.0, and Microsoft SQL Server 2008 Release 2. SQL Pocket Guide describes how these database systems implement SQL syntax for querying, managing transactions, and making changes to data. It also shows how the systems use SQL functions, regular expression syntax, and type c

Research on high availability architecture of SQL and NoSQL

Science.gov (United States)

Wang, Zhiguo; Wei, Zhiqiang; Liu, Hao

2017-03-01

With the advent of the era of big data, amount and importance of data have increased dramatically. SQL database develops in performance and scalability, but more and more companies tend to use NoSQL database as their databases, because NoSQL database has simpler data model and stronger extension capacity than SQL database. Almost all database designers including SQL database and NoSQL database aim to improve performance and ensure availability by reasonable architecture which can reduce the effects of software failures and hardware failures, so that they can provide better experiences for their customers. In this paper, I mainly discuss the architectures of MySQL, MongoDB, and Redis, which are high available and have been deployed in practical application environment, and design a hybrid architecture.

SQL for dummies

CERN Document Server

Taylor, Allen G

2010-01-01

Learn SQL the fun and easy way – no programming experience needed!. SQL For Dummies, 7th Edition , shows programmers and web developers how to use SQL to build relational databases and get valuable information from them. This book covers the core features of the SQL language. Topics covered include how to use SQL to structure a DBMS and implement a database design; secure a database; and retrieve information from a database. This edition will be revised to reflect the new enhancements of SQL/XML:2008. The latest update of the perennial bestselling SQL For Dummies, which has sold more than 21

Pro Sql Azure

CERN Document Server

Klein, Scott

2010-01-01

SQL Azure represents Microsoft's cloud-based delivery of its enterprise-caliber, SQL Server database management system (formerly under the code name "Oslo"). Pro SQL Azure introduces you to this new platform, showing you how to program and administer it in a variety of cloud computing scenarios. You'll learn to program SQL Azure from Silverlight, ASP.NET, WinForms, and from SQL Reporting Services. You'll also understand how to manage the platform by planning for scalability, troubleshooting performance issues, and implementing strong security. * Shows how to use SQL Azure from Silver

SQL for dummies

CERN Document Server

Taylor, Allen G

2013-01-01

Uncover the secrets of SQL and start building better relational databases today!This fun and friendly guide will help you demystify database management systems so you can create more powerful databases and access information with ease. Updated for the latest SQL functionality, SQL For Dummies, 8th Edition covers the core SQL language and shows you how to use SQL to structure a DBMS, implement a database design, secure your data, and retrieve information when you need it. Includes new enhancements of SQL:2011, including temporal data functionality which a

Beginning MySQL

CERN Document Server

Sheldon, Robert

2005-01-01

Provides programmers with a complete foundation in MySQL, the multi-user, multi-threaded SQL database server that easily stores, updates, and accesses informationOffers detailed instructions for MySQL installation and configuration on either Windows or LinuxShows how to create a database, work with SQL, add and modify data, run queries, perform administrative tasks, and build database applicationsDemonstrates how to connect to a MySQL database from within PHP, Java, ASP, and ASP.NET applicationsCompanion Web site includes SQL statements needed to create and populate a database plus three ready

Detection of attack-targeted scans from the Apache HTTP Server access logs

Directory of Open Access Journals (Sweden)

Merve Baş Seyyar

2018-01-01

Full Text Available A web application could be visited for different purposes. It is possible for a web site to be visited by a regular user as a normal (natural visit, to be viewed by crawlers, bots, spiders, etc. for indexing purposes, lastly to be exploratory scanned by malicious users prior to an attack. An attack targeted web scan can be viewed as a phase of a potential attack and can lead to more attack detection as compared to traditional detection methods. In this work, we propose a method to detect attack-oriented scans and to distinguish them from other types of visits. In this context, we use access log files of Apache (or ISS web servers and try to determine attack situations through examination of the past data. In addition to web scan detections, we insert a rule set to detect SQL Injection and XSS attacks. Our approach has been applied on sample data sets and results have been analyzed in terms of performance measures to compare our method and other commonly used detection techniques. Furthermore, various tests have been made on log samples from real systems. Lastly, several suggestions about further development have been also discussed.

Flexible network reconstruction from relational databases with Cytoscape and CytoSQL.

Science.gov (United States)

Laukens, Kris; Hollunder, Jens; Dang, Thanh Hai; De Jaeger, Geert; Kuiper, Martin; Witters, Erwin; Verschoren, Alain; Van Leemput, Koenraad

2010-07-01

Molecular interaction networks can be efficiently studied using network visualization software such as Cytoscape. The relevant nodes, edges and their attributes can be imported in Cytoscape in various file formats, or directly from external databases through specialized third party plugins. However, molecular data are often stored in relational databases with their own specific structure, for which dedicated plugins do not exist. Therefore, a more generic solution is presented. A new Cytoscape plugin 'CytoSQL' is developed to connect Cytoscape to any relational database. It allows to launch SQL ('Structured Query Language') queries from within Cytoscape, with the option to inject node or edge features of an existing network as SQL arguments, and to convert the retrieved data to Cytoscape network components. Supported by a set of case studies we demonstrate the flexibility and the power of the CytoSQL plugin in converting specific data subsets into meaningful network representations. CytoSQL offers a unified approach to let Cytoscape interact with relational databases. Thanks to the power of the SQL syntax, this tool can rapidly generate and enrich networks according to very complex criteria. The plugin is available at http://www.ptools.ua.ac.be/CytoSQL.

SQL-RAMS

Science.gov (United States)

Alfaro, Victor O.; Casey, Nancy J.

2005-01-01

SQL-RAMS (where "SQL" signifies Structured Query Language and "RAMS" signifies Rocketdyne Automated Management System) is a successor to the legacy version of RAMS -- a computer program used to manage all work, nonconformance, corrective action, and configuration management on rocket engines and ground support equipment at Stennis Space Center. The legacy version resided in the File-Maker Pro software system and was constructed in modules that could act as standalone programs. There was little or no integration among modules. Because of limitations on file-management capabilities in FileMaker Pro, and because of difficulty of integration of FileMaker Pro with other software systems for exchange of data using such industry standards as SQL, the legacy version of RAMS proved to be limited, and working to circumvent its limitations too time-consuming. In contrast, SQL-RAMS is an integrated SQL-server-based program that supports all data-exchange software industry standards. Whereas in the legacy version, it was necessary to access individual modules to gain insight into a particular workstatus document, SQL-RAMS provides access through a single-screen presentation of core modules. In addition, SQL-RAMS enables rapid and efficient filtering of displayed statuses by predefined categories and test numbers. SQL-RAMS is rich in functionality and encompasses significant improvements over the legacy system. It provides users the ability to perform many tasks, which in the past required administrator intervention. Additionally, many of the design limitations have been corrected, allowing for a robust application that is user centric.

Usability of PostgreSQL

OpenAIRE

Zeng, Xi

2011-01-01

My topic of the thesis is usability of PostgreSQL. It presents basic information aboutPostgreSQL, such as its history, function, and comparison with one of the most popular databases - MySQL. PostgreSQL has been tested in different environments and with different programming languages. The research is based on the documents from PostgreSQL official website.The thesis introduces and proves the usability and the compatibility of PostgreSQL. PostgreSQL has been installed on Windows workstation a...

SQL in a Nutshell

CERN Document Server

Kline, Kevin; Hunt, Brand

2008-01-01

The essential reference to the SQL language used in today's most popular database products, this new edition of SQL in a Nutshell clearly documents every SQL command according to the latest ANSI standard. It also details how these commands are implemented in the Microsoft SQL Server 2008 and Oracle 11g commercial database packages, and the MySQL 5.1 and PostgreSQL 8.3 open source database products.

Beginning SQL Server Modeling Model-driven Application Development in SQL Server

CERN Document Server

Weller, Bart

2010-01-01

Get ready for model-driven application development with SQL Server Modeling! This book covers Microsoft's SQL Server Modeling (formerly known under the code name "Oslo") in detail and contains the information you need to be successful with designing and implementing workflow modeling. Beginning SQL Server Modeling will help you gain a comprehensive understanding of how to apply DSLs and other modeling components in the development of SQL Server implementations. Most importantly, after reading the book and working through the examples, you will have considerable experience using SQL M

Professional NoSQL

CERN Document Server

Tiwari, Shashank

2011-01-01

A hands-on guide to leveraging NoSQL databases NoSQL databases are an efficient and powerful tool for storing and manipulating vast quantities of data. Most NoSQL databases scale well as data grows. In addition, they are often malleable and flexible enough to accommodate semi-structured and sparse data sets. This comprehensive hands-on guide presents fundamental concepts and practical solutions for getting you ready to use NoSQL databases. Expert author Shashank Tiwari begins with a helpful introduction on the subject of NoSQL, explains its characteristics and typical uses, and looks at where

Using the Domain Name System to Thwart Automated Client-Based Attacks

Energy Technology Data Exchange (ETDEWEB)

Taylor, Curtis R [ORNL; Shue, Craig A [ORNL

2011-09-01

On the Internet, attackers can compromise systems owned by other people and then use these systems to launch attacks automatically. When attacks such as phishing or SQL injections are successful, they can have negative consequences including server downtime and the loss of sensitive information. Current methods to prevent such attacks are limited in that they are application-specific, or fail to block attackers. Phishing attempts can be stopped with email filters, but if the attacker manages to successfully bypass these filters, then the user must determine if the email is legitimate or not. Unfortunately, they often are unable to do so. Since attackers have a low success rate, they attempt to compensate for it in volume. In order to have this high throughput, attackers take shortcuts and break protocols. We use this knowledge to address these issues by implementing a system that can detect malicious activity and use it to block attacks. If the client fails to follow proper procedure, they can be classified as an attacker. Once an attacker has been discovered, they will be isolated and monitored. This can be accomplished using existing software in Ubuntu Linux applications, along with our custom wrapper application. After running the system and seeing its performance on three popular Web browsers Chromium, Firefox and Internet Explorer as well as two popular email clients, Thunderbird and Evolution, we found that not only is this system conceivable, it is effective and has low overhead.

NoSQL databases

OpenAIRE

Mrozek, Jakub

2012-01-01

This thesis deals with database systems referred to as NoSQL databases. In the second chapter, I explain basic terms and the theory of database systems. A short explanation is dedicated to database systems based on the relational data model and the SQL standardized query language. Chapter Three explains the concept and history of the NoSQL databases, and also presents database models, major features and the use of NoSQL databases in comparison with traditional database systems. In the fourth ...

PostgreSQL server programming

CERN Document Server

Krosing, Hannu

2013-01-01

This practical guide leads you through numerous aspects of working with PostgreSQL. Step by step examples allow you to easily set up and extend PostgreSQL. ""PostgreSQL Server Programming"" is for moderate to advanced PostgreSQL database professionals. To get the best understanding of this book, you should have general experience in writing SQL, a basic idea of query tuning, and some coding experience in a language of your choice.

NoSQL for dummies

CERN Document Server

Fowler, Adam

2015-01-01

Get up to speed on the nuances of NoSQL databases and what they mean for your organization This easy to read guide to NoSQL databases provides the type of no-nonsense overview and analysis that you need to learn, including what NoSQL is and which database is right for you. Featuring specific evaluation criteria for NoSQL databases, along with a look into the pros and cons of the most popular options, NoSQL For Dummies provides the fastest and easiest way to dive into the details of this incredible technology. You'll gain an understanding of how to use NoSQL databases for mission-critical enter

Practical PostgreSQL

CERN Document Server

Drake, Joshua

2011-01-01

Arguably the most capable of all the open source databases, PostgreSQL is an object-relational database management system first developed in 1977 by the University of California at Berkeley. In spite of its long history, this robust database suffers from a lack of easy-to-use documentation. Practical PostgreSQL fills that void with a fast-paced guide to installation, configuration, and usage. This comprehensive new volume shows you how to compile PostgreSQL from source, create a database, and configure PostgreSQL to accept client-server connections. It also covers the many advanced

PKI Layer Cake: New Collision Attacks against the Global X.509 Infrastructure

Science.gov (United States)

Kaminsky, Dan; Patterson, Meredith L.; Sassaman, Len

Research unveiled in December of 2008 [15] showed how MD5's long-known flaws could be actively exploited to attack the real-worldCertification Authority infrastructure. In this paper, we demonstrate two new classes of collision, which will be somewhat trickier to address than previous attacks against X.509: the applicability of MD2 preimage attacks against the primary root certificate for Verisign, and the difficulty of validating X.509 Names contained within PKCS#10 Certificate Requests.We also draw particular attention to two possibly unrecognized vectors for implementation flaws that have been problematic in the past: the ASN.1 BER decoder required to parsePKCS#10, and the potential for SQL injection fromtext contained within its requests. Finally, we explore why the implications of these attacks are broader than some have realized - first, because Client Authentication is sometimes tied to X.509, and second, because Extended Validation certificates were only intended to stop phishing attacks from names similar to trusted brands. As per the work of Adam Barth and Collin Jackson [4], EV does not prevent an attacker who can synthesize or acquire a "low assurance" certificate for a given name from acquiring the "green bar" EV experience.

PostgreSQL server programming

CERN Document Server

Dar, Usama; Mlodgenski, Jim; Roybal, Kirk

2015-01-01

This book is for moderate to advanced PostgreSQL database professionals who wish to extend PostgreSQL, utilizing the most updated features of PostgreSQL 9.4. For a better understanding of this book, familiarity with writing SQL, a basic idea of query tuning, and some coding experience in your preferred language is expected.

MS-SQL data base programming

Energy Technology Data Exchange (ETDEWEB)

Noh, Chang Bae; Kim, Nam Jung; Lee, Hyeong Gyo

2002-07-15

This is about MS-SQL data base programming which is divided into thirteen chapters. The contents of this book are to understand MS-SQL 2000 DBMS with its composition, new function and history of MS-SQL, to learn conception of data base, install, run and closing of MS-SQL 2000 DBMS, to deal with the basic of MS-SQL DBMS, to handle the intermediate level of MS-SQL DBMS, to deal with MS-SQL DBMS in advanced level, to practice query like changing data base and checking of data lists, function on its use and data diff, get date, date add, char, upper and system function, set-up of MS-SQL ODBC, constructing of web server of windows 2000, web programming using visual studio.net.making board and making reference room.

MS-SQL data base programming

International Nuclear Information System (INIS)

Noh, Chang Bae; Kim, Nam Jung; Lee, Hyeong Gyo

2002-07-01

This is about MS-SQL data base programming which is divided into thirteen chapters. The contents of this book are to understand MS-SQL 2000 DBMS with its composition, new function and history of MS-SQL, to learn conception of data base, install, run and closing of MS-SQL 2000 DBMS, to deal with the basic of MS-SQL DBMS, to handle the intermediate level of MS-SQL DBMS, to deal with MS-SQL DBMS in advanced level, to practice query like changing data base and checking of data lists, function on its use and data diff, get date, date add, char, upper and system function, set-up of MS-SQL ODBC, constructing of web server of windows 2000, web programming using visual studio.net.making board and making reference room.

Professional SQL Server 2005 administration

CERN Document Server

Knight, Brian; Snyder, Wayne; Armand, Jean-Claude; LoForte, Ross; Ji, Haidong

2007-01-01

SQL Server 2005 is the largest leap forward for SQL Server since its inception. With this update comes new features that will challenge even the most experienced SQL Server DBAs. Written by a team of some of the best SQL Server experts in the industry, this comprehensive tutorial shows you how to navigate the vastly changed landscape of the SQL Server administration. Drawing on their own first-hand experiences to offer you best practices, unique tips and tricks, and useful workarounds, the authors help you handle even the most difficult SQL Server 2005 administration issues, including blockin

Beginning Microsoft SQL Server 2012 Programming

CERN Document Server

Atkinson, Paul

2012-01-01

Get up to speed on the extensive changes to the newest release of Microsoft SQL Server The 2012 release of Microsoft SQL Server changes how you develop applications for SQL Server. With this comprehensive resource, SQL Server authority Robert Vieira presents the fundamentals of database design and SQL concepts, and then shows you how to apply these concepts using the updated SQL Server. Publishing time and date with the 2012 release, Beginning Microsoft SQL Server 2012 Programming begins with a quick overview of database design basics and the SQL query language and then quickly proceeds to sho

Managing and Using MySQL

CERN Document Server

Reese, George; King, Tim

2002-01-01

MySQL is a popular and robust open source database product that supports key subsets of SQL on both Linux and Unix systems. MySQL is free for nonprofit use and costs a small amount for commercial use. Unlike commercial databases, MySQL is affordable and easy to use. This book includes introductions to SQL and to relational database theory. If you plan to use MySQL to build web sites or other Linux or Unix applications, this book teaches you to do that, and it will remain useful as a reference once you understand the basics. Ample tutorial material and examples are included throughout.

F-DDIA: A Framework for Detecting Data Injection Attacks in Nonlinear Cyber-Physical Systems

Directory of Open Access Journals (Sweden)

Jingxuan Wang

2017-01-01

Full Text Available Data injection attacks in a cyber-physical system aim at manipulating a number of measurements to alter the estimated real-time system states. Many researchers recently focus on how to detect such attacks. However, most of the detection methods do not work well for the nonlinear systems. In this paper, we present a compressive sampling methodology to identify the attack, which allows determining how many and which measurement signals are launched. The sparsity feature is used. Generally, our methodology can be applied to both linear and nonlinear systems. The experimental testing, which includes realistic load patterns from NYISO with various attack scenarios in the IEEE 14-bus system, confirms that our detector performs remarkably well.

SQL and Multidimensional Data

Directory of Open Access Journals (Sweden)

Mihaela MUNTEAN

2006-01-01

Full Text Available Using SQL you can manipulate multidimensional data and extract that data into a relational table. There are many PL/SQL packages that you can use directly in SQL*Plus or indirectly in Analytic Workspace Manager and OLAP Worksheet. In this article I discussed about some methods that you can use for manipulating and extracting multidimensional data.

Microsoft SQL Server 2012 bible

CERN Document Server

Jorgensen, Adam; LeBlanc, Patrick; Cherry, Denny; Nelson, Aaron

2012-01-01

Harness the powerful new SQL Server 2012 Microsoft SQL Server 2012 is the most significant update to this product since 2005, and it may change how database administrators and developers perform many aspects of their jobs. If you're a database administrator or developer, Microsoft SQL Server 2012 Bible teaches you everything you need to take full advantage of this major release. This detailed guide not only covers all the new features of SQL Server 2012, it also shows you step by step how to develop top-notch SQL Server databases and new data connections and keep your databases performing at p

PostgreSQL in the database landscape

CERN Multimedia

CERN. Geneva; Riggs, Simon

2013-01-01

This presentation targets the exposure of PostgreSQL and its main highlights in two parts: PostgreSQL today, by Harald Armin Massa This will explore the functionalities and capabilities of PostgreSQL; point out differences to other available databases; give information about the PostgreSQL project how it ensures the quality of this software. PostgreSQL and Extremely Large Databases, by Simon Riggs presenting an outlook on what is happening with PostgreSQL and Extremely Large Databases. About the speakers Simon Riggs is founder and CTO of 2ndQuadrant. He is working in the AXLE project. He works as an Architect and Developer of new features for PostgreSQL, setting technical directions for 2ndQuadrant and as a Database Systems Architect for 2ndQuadrant customers. Simon is the author of PostgreSQL 9 Admin Cookbook; and a committer to the PostgreSQL project. Harald Armin Massa studied computers and economics, he's self employed since 1999, doing software development in Python and ...

Assessing the Stability and Robustness of Semantic Web Services Recommendation Algorithms Under Profile Injection Attacks

Directory of Open Access Journals (Sweden)

GRANDIN, P. H.

2014-06-01

Full Text Available Recommendation systems based on collaborative filtering are open by nature, what makes them vulnerable to profile injection attacks that insert biased evaluations in the system database in order to manipulate recommendations. In this paper we evaluate the stability and robustness of collaborative filtering algorithms applied to semantic web services recommendation when submitted to random and segment profile injection attacks. We evaluated four algorithms: (1 IMEAN, that makes predictions using the average of the evaluations received by the target item; (2 UMEAN, that makes predictions using the average of the evaluation made by the target user; (3 an algorithm based on the k-nearest neighbor (k-NN method and (4, an algorithm based on the k-means clustering method.The experiments showed that the UMEAN algorithm is not affected by the attacks and that IMEAN is the most vulnerable of all algorithms tested. Nevertheless, both UMEAN and IMEAN have little practical application due to the low precision of their predictions. Among the algorithms with intermediate tolerance to attacks but with good prediction performance, the algorithm based on k-nn proved to be more robust and stable than the algorithm based on k-means.

Learning MySQL

CERN Document Server

Tahaghoghi, Saied M M

2007-01-01

Whether you're running a business, keeping track of members andmeetings for a club, or just trying to organize a large and diversecollection of information, you'll find the MySQL database engineuseful for answering questions such as: Which are my top ten fastest-selling products?How frequently does this person come to our facility?What was the highest, lowest, and average score of the team last season? MySQL, the most popular open-source database, offers the power ofa relational database in a package that's easy to set up andadminister, and Learning MySQL provides all the tools you need to

NoSQL2 : administrando banco de dados NoSQL com a linguagem SQL

OpenAIRE

Souza, Jane Adriana

2017-01-01

Nos últimos anos, novos modelos de banco de dados, chamados NoSQL (Not Only SQL) estão sendo considerados alternativas para a gestão de grandes volumes de dados - Big Data, pois gerenciam e armazenam os dados de forma eficiente, possuem alta escalabilidade, disponibilidade e desempenho satisfatório. A administração de bancos de dados implica na execução de tarefas, tais como criação de bases e objetos, atribuição de privilégios, realização de backups, dentre outras atividades. A execução dess...

EPICS MySQL Archiver - integration between EPICS and MySQL

International Nuclear Information System (INIS)

Roy, A.; Bhole, R.B.; Pal, S.; Sarkar, D.

2012-01-01

The performance evaluation and analysis of intersystem dependency of the various subsystems of the Superconducting Cyclotron (SCC) demand a well configured data logging, archiving and historic analysis facility for large number of control parameters along with on-line failure analysis facility of every system. Experimental Physics and Industrial Control System (EPICS) is used as development architecture of the control system of these systems with MySQL as database for large amount of relational data management. This combination requires integration between EPICS and MySQL server. For this purpose, MySQL Archiver as an EPICS Extension is developed for data logging and archiving of control parameters into MySQL database. This extension also provides a web based tool for online monitoring of control parameters and historic analysis of archived data. This paper describes the software architecture, implementation, as well as method of configuration for any other EPICS based control system as a utility. This facility is also elaborated with examples, web page views and experiences of deploying it in SCC. (author)

Migration Between NoSQL Databases

OpenAIRE

Opačak, Damir

2013-01-01

The thesis discusses the differences and, consequently, potential problems that may arise when migrating between different types of NoSQL databases. The first chapters introduce the reader to the issues of relational databases and present the beginnings of NoSQL databases. The following chapters present different types of NoSQL databases and some of their representatives with the aim to show specific features of NoSQL databases and the fact that each of them was developed to solve specifi...

PostgreSQL database performance optimization

OpenAIRE

Wang, Qiang

2011-01-01

The thesis was request by Marlevo software Oy for a general description of the PostgreSQL database and its performance optimization technics. Its purpose was to help new PostgreSQL users to quickly understand the system and to assist DBAs to improve the database performance. The thesis was divided into two parts. The first part described PostgreSQL database optimization technics in theory. In additional popular tools were also introduced. This part was based on PostgreSQL documentation, r...

NoSQL for mere mortals

CERN Document Server

Sullivan, Dan

2015-01-01

The Easy, Common-Sense Guide to Solving Real Problems with NoSQL The" Mere Mortals" "(r)" tutorials have earned worldwide praise as the clearest, simplest way to master essential database technologies. Now, there s one for today s exciting new NoSQL databases. "NoSQL for Mere Mortals" guides you through solving real problems with NoSQL and achieving unprecedented scalability, cost efficiency, flexibility, and availability. Drawing on 20+ years of cutting-edge database experience, Dan Sullivan explains the advantages, use cases, and terminology associated with all four main categories of NoSQL databases: key-value, document, column family, and graph databases. For each, he introduces pragmatic best practices for building high-value applications. Through step-by-step examples, you ll discover how to choose the right database for each task, and use it the right way. Coverage includes --Getting started: What NoSQL databases are, how they differ from relational databases, when to use them, and when "not" to Data m...

PostgreSQL cookbook

CERN Document Server

Chauhan, Chitij

2015-01-01

If you are a system administrator, database administrator, architect, developer, or anyone with an interest in planning, managing, and designing database solutions using PostgreSQL, this is the book for you. This book is suited for you if you have some prior experience with any relational database or with the SQL language.

TabSQL: a MySQL tool to facilitate mapping user data to public databases.

Science.gov (United States)

Xia, Xiao-Qin; McClelland, Michael; Wang, Yipeng

2010-06-23

With advances in high-throughput genomics and proteomics, it is challenging for biologists to deal with large data files and to map their data to annotations in public databases. We developed TabSQL, a MySQL-based application tool, for viewing, filtering and querying data files with large numbers of rows. TabSQL provides functions for downloading and installing table files from public databases including the Gene Ontology database (GO), the Ensembl databases, and genome databases from the UCSC genome bioinformatics site. Any other database that provides tab-delimited flat files can also be imported. The downloaded gene annotation tables can be queried together with users' data in TabSQL using either a graphic interface or command line. TabSQL allows queries across the user's data and public databases without programming. It is a convenient tool for biologists to annotate and enrich their data.

Discovering SQL A Hands-On Guide for Beginners

CERN Document Server

Kriegel, Alex

2011-01-01

Teaching the SQL skills that businesses demand when hiring programmers If you're a SQL beginner, you don't just want to learn SQL basics, you also want to get some practical SQL skills you can use in the job market. This book gives you both. Covering the basics through intermediate topics with clear explanations, hands-on exercises, and helpful solutions, this book is the perfect introduction to SQL. Topics include both the current SQL:2008 standards, the upcoming SQL:2011 standards, and also how to use SQL against current releases of the most popular commercial SQL databases, such as Oracle,

Fuzzy improvement of the SQL

Directory of Open Access Journals (Sweden)

Hudec Miroslav

2011-01-01

Full Text Available Structured Query Language (SQL is used to obtain data from relational databases. Fuzzy improvement of SQL queries has advantages in cases when the user cannot unambiguously define selection criteria or when the user wants to examine data that almost meet the given criteria. In this paper we examine a realization of the fuzzy querying concept. For this purposes the fuzzy generalized logical condition for the WHERE part of the SQL is created. It allows users to create queries by linguistic terms. The proposed model is an extension of the SQL so that no modification inside databases has to be undertaken.

SQL All-in-One For Dummies

CERN Document Server

Taylor, Allen G

2011-01-01

The soup-to-nuts guide on all things SQL!. SQL, or structured query language ,  is the international standard language for creating and maintaining relational databases. It is the basis of all major databases in use today and is essential for the storage and retrieval of database information. This fun and friendly guide takes SQL and all its related topics and breaks it down into easily digestible pieces for you to understand. You'll get the goods on relational database design, development, and maintenance, enabling you to start working with SQL right away!: Provides an overview of the SQL lan

Professional Microsoft SQL Server 2012 Administration

CERN Document Server

Jorgensen, Adam; LoForte, Ross; Knight, Brian

2012-01-01

An essential how-to guide for experienced DBAs on the most significant product release since 2005! Microsoft SQL Server 2012 will have major changes throughout the SQL Server and will impact how DBAs administer the database. With this book, a team of well-known SQL Server experts introduces the many new features of the most recent version of SQL Server and deciphers how these changes will affect the methods that administrators have been using for years. Loaded with unique tips, tricks, and workarounds for handling the most difficult SQL Server admin issues, this how-to guide deciphers topics s

Oracle PL/SQL Programming

CERN Document Server

Feuerstein, Steven

2009-01-01

This book is the definitive reference on PL/SQL, considered throughout the database community to be the best Oracle programming book available. Like its predecessors, this fifth edition of Oracle PL/SQL Programming covers language fundamentals, advanced coding techniques, and best practices for using Oracle's powerful procedural language. Thoroughly updated for Oracle Database 11g Release 2, this edition reveals new PL/SQL features and provides extensive code samples, ranging from simple examples to complex and complete applications, in the book and on the companion website. This indispensab

76 FR 26729 - Ceridian Corporation; Analysis of Proposed Consent Order to Aid Public Comment

Science.gov (United States)

2011-05-09

... result of these failures, hackers executed an SQL injection attack on the Powerpay Web site and Web application. Through this attack, the hackers found personal information stored in Powerpay on Ceridian's...

Weems: An extensible HTTP honeypot

CSIR Research Space (South Africa)

Pearson, D

2017-09-01

Full Text Available on the server [12]. When code is injected into an application it is generally done so in a string format with the attempt to get the application to read the string as executable code. The most popular code injection attack is SQL injection (SQLi). This attack... lure an attacker away from valuable network resources, warn network administrators of possible exploitation or provide valuable data for an in-depth examination of attack methods [2]. This philosophy of luring attackers to a web server designed...

Classification of HTTP Attacks: A Study on the ECML/PKDD 2007 Discovery Challenge

Energy Technology Data Exchange (ETDEWEB)

Gallagher, Brian [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States); Eliassi-Rad, Tina [Lawrence Livermore National Lab. (LLNL), Livermore, CA (United States)

2009-07-08

As the world becomes more reliant on Web applications for commercial, financial, and medical transactions, cyber attacks on the World Wide Web are increasing in frequency and severity. Web applications provide an attractive alternative to traditional desktop applications due to their accessibility and ease of deployment. However, the accessibility of Web applications also makes them extremely vulnerable to attack. This inherent vulnerability is intensified by the distributed nature ofWeb applications and the complexity of configuring application servers. These factors have led to a proliferation of Web-based attacks, in which attackers surreptitiously inject code into HTTP requests, allowing them to execute arbitrary commands on remote systems and perform malicious activities such as reading, altering, or destroying sensitive data. One approach for dealing with HTTP-based attacks is to identify malicious code in incoming HTTP requests and eliminate bad requests before they are processed. Using machine learning techniques, we can build a classifier to automatically label requests as “Valid” or “Attack.” For this study, we develop a simple, but effective HTTP attack classifier, based on the vector space model used commonly for Information Retrieval. Our classifier not only separates attacks from valid requests, but can also identify specific attack types (e.g., “SQL Injection” or “Path Traversal”). We demonstrate the effectiveness of our approach through experiments on the ECML/PKDD 2007 Discovery Challenge data set. Specifically, we show that our approach achieves higher precision and recall than previous methods. In addition, our approach has a number of desirable characteristics, including robustness to missing contextual information, interpretability of models, and scalability.

Oracle SQL Tuning pocket Reference

CERN Document Server

Gurry, Mark

2002-01-01

One of the most important challenges faced by Oracle database administrators and Oracle developers is the need to tune SQL statements so that they execute efficiently. Poorly tuned SQL statements are one of the leading causes of substandard database performance and poor response time. SQL statements that perform poorly result in frustration for users, and can even prevent a company from serving its customers in a timely manner

Oracle PL/SQL programming

CERN Document Server

Feuerstein, Steven

2014-01-01

Considered the best Oracle PL/SQL programming guide by the Oracle community, this definitive guide is precisely what you need to make the most of Oracle’s powerful procedural language. The sixth edition describes the features and capabilities of PL/SQL up through Oracle Database 12c Release 1. Hundreds of thousands of PL/SQL developers have benefited from this book over the last twenty years; this edition continues that tradition. With extensive code examples and a lively sense of humor, this book explains language fundamentals, explores advanced coding techniques, and offers best practices to help you solve real-world problems. * Get PL/SQL programs up and running quickly, with clear instructions for executing, tracing, testing, debugging, and managing code * Understand new 12.1 features, including the ACCESSIBLE_BY clause, WITH FUNCTION and UDF pragma, BEQUEATH CURRENT_USER for views, and new conditional compilation directives * Take advantage of extensive code samples, from easy-to-follow examples to reu...

Squeezing in an injection-locked semiconductor laser

Science.gov (United States)

Inoue, S.; Machida, S.; Yamamoto, Y.; Ohzu, H.

1993-09-01

The intensity-noise properties of an injection-locked semiconductor laser were studied experimentally. The constant-current-driven semiconductor laser producing the amplitude-squeezed state whose intensity noise was reduced below the standard quantum limit (SQL) by 0.72 dB was injection-locked by an external master laser. The measured intensity-noise level of the injection-locked semiconductor laser was 0.91 dB below the SQL. This experimental result indicates that a phase-coherent amplitude-squeezed state or squeezed vacuum state together with a reference local oscillator wave can be generated directly by semiconductor laser systems.

Oracle NoSQL databáze

OpenAIRE

Chlomek, Lukáš

2015-01-01

This thesis deals with the theme of NoSQL databases. The theoretical part describes, the reasons for the creation of this databases trend, their basic properties and the most widely used NoSQL data models. The practical part introduces readers with one representative of NoSQL key-value data model, Oracle NoSQL. Following is a sample of work with records of this database, using created test program. End of work includes a short practical demon-stration of manipulation with tables in the reposi...

Microsoft SQL serveris 2008 Pārskatu servisi.

OpenAIRE

Vugulis, Kristaps

2010-01-01

Darbā apskatīts un vispārīgi raksturots MS SQL Server 2008 Pārskatu Serviss, tājā iekļauti rīki un lietojumprogrammas.Praktiskā daļa ir veltīta divu DBVS - MS SQL Server un MySQL salīdzināšanai, SQL Server 2008 uzstādīšanai un Pārskatu Servera konfigurācijai. Atslēgvārdi: SQL serveris, pārskats, biznesa inteliģence, datu bāzes vadības sistēma

Joe Celko's complete guide to NoSQL what every SQL professional needs to know about non-relational databases

CERN Document Server

Celko, Joe

2013-01-01

Joe Celko's Complete Guide to NoSQL provides a complete overview of non-relational technologies so that you can become more nimble to meet the needs of your organization. As data continues to explode and grow more complex, SQL is becoming less useful for querying data and extracting meaning. In this new world of bigger and faster data, you will need to leverage non-relational technologies to get the most out of the information you have. Learn where, when, and why the benefits of NoSQL outweigh those of SQL with Joe Celko's Complete Guide to NoSQL. This book covers three areas that make toda

Oracle PL/SQL Language Pocket Reference

CERN Document Server

Feuerstein, Steven; Dawes, Chip

2007-01-01

The fourth edition of this popular pocket guide provides quick-reference information that will help you use Oracle's PL/SQL language, including the newest Oracle Database 11g features. A companion to Steven Feuerstein and Bill Pribyl's bestselling Oracle PL/SQL Programming, this concise guide boils down the most vital PL/SQL information into an accessible summary

NoSQL-tietokannat : perusominaisuudet ja luokittelu

OpenAIRE

Soikkeli, Tuomas

2015-01-01

NoSQL-tietokannat ovat olleet eräitä 2000-luvun kiistellyimmistä teknologioista. Niiden käyttötarkoituksista tai hyödyllisyydestä ei ole yleisesti hyväksyttyä tutkimustietoa, johtuen NoSQL-tietokantojen kehittymättömyydestä ja nuoresta iästä. Tämän tutkielman tarkoituksena on selvittää, miten NoSQL-tietokantoja voidaan luokitella ja mitkä ovat niiden käyttökohteet. Tätä varten kerrotaan ensin, miten NoSQL-tietokannat ovat kehittyneet ja minkälaisia ominaispiirteiltä niillä on. Sitten kuvataan...

A Typeful Integration of SQL into Curry

Directory of Open Access Journals (Sweden)

Michael Hanus

2017-01-01

Full Text Available We present an extension of the declarative programming language Curry to support the access to data stored in relational databases via SQL. Since Curry is statically typed, our emphasis on this SQL integration is on type safety. Our extension respects the type system of Curry so that run-time errors due to ill-typed data are avoided. This is obtained by preprocessing SQL statements at compile time and translating them into type-safe database access operations. As a consequence, the type checker of the Curry system can spot type errors in SQL statements at compile time. To generate appropriately typed access operations, the preprocessor uses an entity-relationship (ER model describing the structure of the relational data. In addition to standard SQL, SQL statements embedded in Curry can include program expressions and also relationships specified in the ER model. The latter feature is useful to avoid the error-prone use of foreign keys. As a result, our SQL integration supports a high-level and type-safe access to databases in Curry programs.

Head first PHP and MySQL

CERN Document Server

Beighley, Lynn

2008-01-01

If you're ready to create web pages more complex than those you can build with HTML and CSS, Head First PHP & MySQL is the ultimate learning guide to building dynamic, database-driven websites using PHP and MySQL. Packed with real-world examples, this book teaches you all the essentials of server-side programming, from the fundamentals of PHP and MySQL coding to advanced topics such as form validation, session IDs, cookies, database queries and joins, file I/O operations, content management, and more. Head First PHP & MySQL offers the same visually rich format that's turned every title in th

Oracle SQL tuning with Oracle SQLTXPLAIN

CERN Document Server

Charalambides, Stelios

2013-01-01

Oracle SQL Tuning with SQLTXPLAIN is a practical guide to SQL tuning the way Oracle's own experts do it, using a freely downloadable tool called SQLTXPLAIN. Using this simple tool you'll learn how to tune even the most complex SQL, and you'll learn to do it quickly, without the huge learning curve usually associated with tuning as a whole.  Firmly based in real world problems, this book helps you reclaim system resources and avoid the most common bottleneck in overall performance, badly tuned SQL.  You'll learn how the optimizer works, how to take advantage of its latest features, and when it'

Migration from relational to NoSQL database

Science.gov (United States)

Ghotiya, Sunita; Mandal, Juhi; Kandasamy, Saravanakumar

2017-11-01

Data generated by various real time applications, social networking sites and sensor devices is of very huge amount and unstructured, which makes it difficult for Relational database management systems to handle the data. Data is very precious component of any application and needs to be analysed after arranging it in some structure. Relational databases are only able to deal with structured data, so there is need of NoSQL Database management System which can deal with semi -structured data also. Relational database provides the easiest way to manage the data but as the use of NoSQL is increasing it is becoming necessary to migrate the data from Relational to NoSQL databases. Various frameworks has been proposed previously which provides mechanisms for migration of data stored at warehouses in SQL, middle layer solutions which can provide facility of data to be stored in NoSQL databases to handle data which is not structured. This paper provides a literature review of some of the recent approaches proposed by various researchers to migrate data from relational to NoSQL databases. Some researchers proposed mechanisms for the co-existence of NoSQL and Relational databases together. This paper provides a summary of mechanisms which can be used for mapping data stored in Relational databases to NoSQL databases. Various techniques for data transformation and middle layer solutions are summarised in the paper.

SQL based cardiovascular ultrasound image classification.

Science.gov (United States)

Nandagopalan, S; Suryanarayana, Adiga B; Sudarshan, T S B; Chandrashekar, Dhanalakshmi; Manjunath, C N

2013-01-01

This paper proposes a novel method to analyze and classify the cardiovascular ultrasound echocardiographic images using Naïve-Bayesian model via database OLAP-SQL. Efficient data mining algorithms based on tightly-coupled model is used to extract features. Three algorithms are proposed for classification namely Naïve-Bayesian Classifier for Discrete variables (NBCD) with SQL, NBCD with OLAP-SQL, and Naïve-Bayesian Classifier for Continuous variables (NBCC) using OLAP-SQL. The proposed model is trained with 207 patient images containing normal and abnormal categories. Out of the three proposed algorithms, a high classification accuracy of 96.59% was achieved from NBCC which is better than the earlier methods.

Network Monitoring for Web-Based Threats

Science.gov (United States)

2011-02-01

Using the HTP Package [49] 52 Figure 5-42: SQL Injection Using the CXTSYS Package [49] 52 Figure 5-43: Bypassing the PL/SQL Exclusion List with...forced browsing28 [19]. This method consists of simply manually submitting different HTTP requests. An attacker will often submit requests involving... manually modifying the orderID field could give the attacker access to another order that he or she should not have access to, as shown in Figure 4-7

What Can NoSQL Serve an Enterprise

Directory of Open Access Journals (Sweden)

Helena Palovská

2015-07-01

Full Text Available Strengths and limitations of relational database model and SQL databases are rethought. Universality of SQL knowledge, “universal database” engine and symmetric querying are found to be the main strengths of SQL databases. Need of centralized database and thus limited data volume manageable, relative stability of database schema and limited set of query types processed efficiently are seen as the main limitations. As well, limitation of ACID (atomicity, consistency, isolation, durability architecture is expounded; this found to be the poor performance in case of distributed data processing. Formed types of NoSQL databases are listed, with their features and scope of strength outlined. Finally, recommendations in what cases different types of NoSQL stores to apply are summarized

Improved Information Retrieval Performance on SQL Database Using Data Adapter

Science.gov (United States)

Husni, M.; Djanali, S.; Ciptaningtyas, H. T.; Wicaksana, I. G. N. A.

2018-02-01

The NoSQL databases, short for Not Only SQL, are increasingly being used as the number of big data applications increases. Most systems still use relational databases (RDBs), but as the number of data increases each year, the system handles big data with NoSQL databases to analyze and access data more quickly. NoSQL emerged as a result of the exponential growth of the internet and the development of web applications. The query syntax in the NoSQL database differs from the SQL database, therefore requiring code changes in the application. Data adapter allow applications to not change their SQL query syntax. Data adapters provide methods that can synchronize SQL databases with NotSQL databases. In addition, the data adapter provides an interface which is application can access to run SQL queries. Hence, this research applied data adapter system to synchronize data between MySQL database and Apache HBase using direct access query approach, where system allows application to accept query while synchronization process in progress. From the test performed using data adapter, the results obtained that the data adapter can synchronize between SQL databases, MySQL, and NoSQL database, Apache HBase. This system spends the percentage of memory resources in the range of 40% to 60%, and the percentage of processor moving from 10% to 90%. In addition, from this system also obtained the performance of database NoSQL better than SQL database.

Ultrabroadband photonic internet: safety aspects

Science.gov (United States)

Kalicki, Arkadiusz; Romaniuk, Ryszard

2008-11-01

Web applications became most popular medium in the Internet. Popularity, easiness of web application frameworks together with careless development results in high number of vulnerabilities and attacks. There are several types of attacks possible because of improper input validation. SQL injection is ability to execute arbitrary SQL queries in a database through an existing application. Cross-site scripting is the vulnerability which allows malicious web users to inject code into the web pages viewed by other users. Cross-Site Request Forgery (CSRF) is an attack that tricks the victim into loading a page that contains malicious request. Web spam in blogs. There are several techniques to mitigate attacks. Most important are web application strong design, correct input validation, defined data types for each field and parameterized statements in SQL queries. Server hardening with firewall, modern security policies systems and safe web framework interpreter configuration are essential. It is advised to keep proper security level on client side, keep updated software and install personal web firewalls or IDS/IPS systems. Good habits are logging out from services just after finishing work and using even separate web browser for most important sites, like e-banking.

Laboratorio de PHP y MySQL, febrer 2010

OpenAIRE

Berni Millet, Pietro; Gil de la Iglesia, Dídac

2010-01-01

El Laboratori de PHP i MySQL és un espai de pràctiques compartit per diverses assignatures de la UOC que tenen en comú un Sistema de Gestió de Bases de Dades (SGBD) d'arquitectura LAMP (Apache + PHP + MySQL). El Laboratorio de PHP y MySQL es un espacio de prácticas compartido por varias asignaturas de la UOC que tienen en común un Sistema de Gestión de Bases de Datos (SGBD) de arquitectura LAMP (Apache + PHP + MySQL). The PHP and MySQL Laboratory is a practical space shared by the UOC s...

The SQL++ Query Language: Configurable, Unifying and Semi-structured

OpenAIRE

Ong, Kian Win; Papakonstantinou, Yannis; Vernoux, Romain

2014-01-01

NoSQL databases support semi-structured data, typically modeled as JSON. They also provide limited (but expanding) query languages. Their idiomatic, non-SQL language constructs, the many variations, and the lack of formal semantics inhibit deep understanding of the query languages, and also impede progress towards clean, powerful, declarative query languages. This paper specifies the syntax and semantics of SQL++, which is applicable to both JSON native stores and SQL databases. The SQL++ sem...

Learning SQL Server Reporting Services 2012

CERN Document Server

Krishnaswamy, Jayaram

2013-01-01

The book is packed with clear instructions and plenty of screenshots, providing all the support and guidance you will need as you begin to generate reports with SQL Server 2012 Reporting Services.This book is for those who are new to SQL Server Reporting Services 2012 and aspiring to create and deploy cutting edge reports. This book is for report developers, report authors, ad-hoc report authors and model developers, and Report Server and SharePoint Server Integrated Report Server administrators. Minimal knowledge of SQL Server is assumed and SharePoint experience would be helpful.

PostgreSQL 8.3

Directory of Open Access Journals (Sweden)

Pavel Stěhule

2007-12-01

Full Text Available Práce na Open Source databázích pokračují nezadržitelným tempem. Vývojáři se musí vyrovnat s rostoucími požadavky uživatelů na objem dat ukládaných do databází, na náročnější požadavky na odezvu atd. Zatím nedostižnou metou je implementace celého standardu ANSI SQL 200x. Všechny databáze z velké trojky (Firebird, MySQL a PostgreSQL používají multigenerační architekturu, cenově orientované hledání optimálního prováděcího plánu, write ahead log atd. MySQL se profiluje jako SQL databáze schopná používat specializované databázové backendy schopné maximální efektivity pro určité konkrétní prostředí. PostgreSQL je široce použitelná databáze, těžící z vynikající stability, s perfektní rozšiřitelností a komfortním prostředím. Konečně Firebird je vynikající embeded databáze, která se osvědčuje v tisících instalacích na desktopech.Podle původního plánu mělo dojít k uvolnění verze 8.3 koncem léta - mělo jít o verzi obsahující patche dokončené pro 8.2, ale v té době nedostatečně otestované. Nakonec se ukázalo, že ty nejdůležitější patche je třeba dopracovat. Jednalo se o tak atraktivní vlastnosti, že se rozhodlo s vydáním nové verze počkat. 8.3 obsahuje integrovaný fulltext, podporu opožděného potvrzování (asynchronní commit, synchronizované sekvenční čtení datových souborů, úspornější ukládání dynamických datových typů (kratších 256byte, HOT updates a sofistikovanější aktualizaci indexů (hot indexes. Z patchů připravených pro 8.2 se v 8.3 neobjeví podpora bitmapových indexů a podpora aktualizovatelných pohledů. Původní řešení založené na pravidlech (rules bylo příliš komplikované. 8.3 obsahuje podporu aktualizovatelných kurzorů, a je docela dobře možné, že aktualizovatelné pohledy budou ve verzi 8.4 implementovány právě s pomocí této třídy kurzorů.Vývoj pokra

RFID Malware: Truth vs. Myth

NARCIS (Netherlands)

Rieback, M.R.; Crispo, B.; Tanenbaum, A.S.

The issues related to RFID malware along with proof-of-concept RFID virus are discussed. RFID exploits are traditionally hacking attacks that are identical to those found on Internet, such as buffer overflow, code insertion, and SQL injection attack. RFID warms copy the original exploit code to

Optimizing queries in SQL Server 2008

Directory of Open Access Journals (Sweden)

Ion LUNGU

2010-05-01

Full Text Available Starting from the need to develop efficient IT systems, we intend to review theoptimization methods and tools that can be used by SQL Server database administratorsand developers of applications based on Microsoft technology, focusing on the latestversion of the proprietary DBMS, SQL Server 2008. We’ll reflect on the objectives tobe considered in improving the performance of SQL Server instances, we will tackle themostly used techniques for analyzing and optimizing queries and we will describe the“Optimize for ad hoc workloads”, “Plan Freezing” and “Optimize for unknown" newoptions, accompanied by relevant code examples.

Evaluation d'une requete en SQL

OpenAIRE

Codat, Diana Sophia

2009-01-01

The objective of this paper is to show how the interrogation processor responds to SQL interrogation. The interrogation processor is split into two parts. The first, called the interrogation compiler translates an SQL query into a plan of physical execution. The second, called evaluation query runs the execution plan.

Joe Celko's Trees and Hierarchies in SQL for Smarties

CERN Document Server

Celko, Joe

2012-01-01

The demand for SQL information and training continues to grow with the need for a database behind every website capable of offering web-based information queries. SQL is the de facto standard for database retrieval, and if you need to access, update, or utilize data in a modern database management system, you will need SQL to do it. The Second Edition of Joe Celko's Trees and Hierarchies in SQL for Smarties covers two new sets of extensions over three entirely new chapters and expounds upon the changes that have occurred in SQL standards since the previous edition's public

Oracle PL/SQL Language Pocket Reference

CERN Document Server

Feuerstein, Steven; Dawes, Chip

2004-01-01

While it's good to have a book with all the answers--like your trusty copy of Oracle PL/SQL Programming-- how often do you need all the answers? More likely, you just need a reminder, a quick answer to a problem you're up against. For these times, nothing's handier than the new edition of the Oracle PL/SQL Language Pocket Reference by PL/SQL experts Stephen Feuerstein, Bill Pribyl, and Chip Dawes. Newly updated for Oracle10g, this little book is always at the ready for the quick problem solving you need. The 3rd edition of this popular mini-reference boils down the most vital information fr

Use of SQL Databases to Support Human Resource Management

OpenAIRE

Zeman, Jan

2011-01-01

Bakalářská práce se zaměřuje na návrh SQL databáze pro podporu Řízení lidských zdrojů a její následné vytvoření v programu MS SQL Server. This thesis focuses on the design of SQL database for support Human resources management and its creation in MS SQL Server. A

Sociālo tīklu lietotnes izveide izmantojot NoSQL

OpenAIRE

Molotoks, Askolds

2013-01-01

Maģistra darbā "Sociālo tīklu lietotnes izveide izmantojot NoSQL" tiek izveidotā lietotne, izmantojot NoSQL datu bāzi. NoSQL – ne tikai SQL ir jauna datu bāzes pieeja, kas ļauj izmantot dažādus veidus datu glabāšanai. Maģistra darbā tiek analizētas izstrādes pieejas, izmatojot SQL un NoSQL datu bāzes tehnoloģijas. Maģistra darbā ir iekļautas nodaļas, kurās ir aprakstīta sociālo tīklu vēsture, sociālie tīkli un lietotnes. Ir aprakstītas NoSQL atšķirības no SQL, kā arī apskatītas NoSQL datu ...

Executing Complexity-Increasing Queries in Relational (MySQL) and NoSQL (MongoDB and EXist) Size-Growing ISO/EN 13606 Standardized EHR Databases.

Science.gov (United States)

Sánchez-de-Madariaga, Ricardo; Muñoz, Adolfo; Castro, Antonio L; Moreno, Oscar; Pascual, Mario

2018-03-19

This research shows a protocol to assess the computational complexity of querying relational and non-relational (NoSQL (not only Structured Query Language)) standardized electronic health record (EHR) medical information database systems (DBMS). It uses a set of three doubling-sized databases, i.e. databases storing 5000, 10,000 and 20,000 realistic standardized EHR extracts, in three different database management systems (DBMS): relational MySQL object-relational mapping (ORM), document-based NoSQL MongoDB, and native extensible markup language (XML) NoSQL eXist. The average response times to six complexity-increasing queries were computed, and the results showed a linear behavior in the NoSQL cases. In the NoSQL field, MongoDB presents a much flatter linear slope than eXist. NoSQL systems may also be more appropriate to maintain standardized medical information systems due to the special nature of the updating policies of medical information, which should not affect the consistency and efficiency of the data stored in NoSQL databases. One limitation of this protocol is the lack of direct results of improved relational systems such as archetype relational mapping (ARM) with the same data. However, the interpolation of doubling-size database results to those presented in the literature and other published results suggests that NoSQL systems might be more appropriate in many specific scenarios and problems to be solved. For example, NoSQL may be appropriate for document-based tasks such as EHR extracts used in clinical practice, or edition and visualization, or situations where the aim is not only to query medical information, but also to restore the EHR in exactly its original form.

Executing Complexity-Increasing Queries in Relational (MySQL) and NoSQL (MongoDB and EXist) Size-Growing ISO/EN 13606 Standardized EHR Databases

Science.gov (United States)

Sánchez-de-Madariaga, Ricardo; Muñoz, Adolfo; Castro, Antonio L; Moreno, Oscar; Pascual, Mario

2018-01-01

This research shows a protocol to assess the computational complexity of querying relational and non-relational (NoSQL (not only Structured Query Language)) standardized electronic health record (EHR) medical information database systems (DBMS). It uses a set of three doubling-sized databases, i.e. databases storing 5000, 10,000 and 20,000 realistic standardized EHR extracts, in three different database management systems (DBMS): relational MySQL object-relational mapping (ORM), document-based NoSQL MongoDB, and native extensible markup language (XML) NoSQL eXist. The average response times to six complexity-increasing queries were computed, and the results showed a linear behavior in the NoSQL cases. In the NoSQL field, MongoDB presents a much flatter linear slope than eXist. NoSQL systems may also be more appropriate to maintain standardized medical information systems due to the special nature of the updating policies of medical information, which should not affect the consistency and efficiency of the data stored in NoSQL databases. One limitation of this protocol is the lack of direct results of improved relational systems such as archetype relational mapping (ARM) with the same data. However, the interpolation of doubling-size database results to those presented in the literature and other published results suggests that NoSQL systems might be more appropriate in many specific scenarios and problems to be solved. For example, NoSQL may be appropriate for document-based tasks such as EHR extracts used in clinical practice, or edition and visualization, or situations where the aim is not only to query medical information, but also to restore the EHR in exactly its original form. PMID:29608174

Is Your Cat Infected with a Computer Virus?

NARCIS (Netherlands)

Rieback, M.R.; Crispo, B.; Tanenbaum, A.S.

2006-01-01

RFID systems as a whole are often treated with suspicion, but the input data received from individual RFID tags is implicitly trusted. RFID attacks are currently conceived as properly formatted but fake RFID data; however no one expects an RFID tag to send a SQL injection attack or a buffer

Beginning SQL queries from novice to professional

CERN Document Server

Churcher, Clare

2016-01-01

Anyone who does any work at all with databases needs to know something of SQL. This is a friendly and easy-to-read guide to writing queries with the all-important - in the database world - SQL language. The author writes with exceptional clarity.

RANCANG BANGUN PERANGKAT LUNAK MANAJEMEN DATABASE SQL SERVER BERBASIS WEB

Directory of Open Access Journals (Sweden)

Muchammad Husni

2005-01-01

Full Text Available Normal 0 false false false IN X-NONE X-NONE MicrosoftInternetExplorer4 Microsoft SQL Server merupakan aplikasi desktop database server yang bersifat client/server, karena memiliki komponen client, yang  berfungsi menampilkan dan memanipulasi data; serta komponen server yang berfungsi menyimpan, memanggil, dan mengamankan database. Operasi-operasi manajemen semua server database dalam jaringan dilakukan administrator database dengan menggunakan tool administratif utama SQL Server yang bernama Enterprise Manager. Hal ini mengakibatkan administrator database hanya bisa  melakukan operasi-operasi tersebut di komputer yang telah diinstalasi Microsoft SQL Server. Pada penelitian ini, dirancang suatu aplikasi berbasis web dengan menggunakan ASP.Net untuk melakukan pengaturan database server. Aplikasi ini menggunakan ADO.NET yang memanfaatkan Transact-SQL dan stored procedure pada server untuk melakukan operasi-operasi manajemen database pada suatu server database SQL, dan menampilkannya ke dalam web. Administrator database bisa menjalankan aplikasi berbasis web tersebut dari komputer mana saja pada jaringan dan melakukan koneksi ke server database SQL dengan menggunakan web browser. Dengan demikian memudahkan administrator melakukan tugasnya tanpa harus menggunakan komputer server.   Kata Kunci : Transact-SQL, ASP.Net, ADO.NET, SQL Server

Pro SQL Server 2012 relational database design and implementation

CERN Document Server

Davidson, Louis

2012-01-01

Learn effective and scalable database design techniques in a SQL Server environment. Pro SQL Server 2012 Relational Database Design and Implementation covers everything from design logic that business users will understand, all the way to the physical implementation of design in a SQL Server database. Grounded in best practices and a solid understanding of the underlying theory, Louis Davidson shows how to "get it right" in SQL Server database design and lay a solid groundwork for the future use of valuable business data. Gives a solid foundation in best practices and relational theory Covers

Foundations of SQL Server 2008 R2 Business Intelligence

CERN Document Server

Fouche, Guy

2011-01-01

Foundations of SQL Server 2008 R2 Business Intelligence introduces the entire exciting gamut of business intelligence tools included with SQL Server 2008. Microsoft has designed SQL Server 2008 to be more than just a database. It's a complete business intelligence (BI) platform. The database is at its core, and surrounding the core are tools for data mining, modeling, reporting, analyzing, charting, and integration with other enterprise-level software packages. SQL Server 2008 puts an incredible amount of BI functionality at your disposal. But how do you take advantage of it? That's what this

Database theory and SQL practice using Access

International Nuclear Information System (INIS)

Kim, Gyeong Min; Lee, Myeong Jin

2001-01-01

This book introduces database theory and SQL practice using Access. It is comprised of seven chapters, which give description of understanding database with basic conception and DMBS, understanding relational database with examples of it, building database table and inputting data using access 2000, structured Query Language with introduction, management and making complex query using SQL, command for advanced SQL with understanding conception of join and virtual table, design on database for online bookstore with six steps and building of application with function, structure, component, understanding of the principle, operation and checking programming source for application menu.

Learning PHP, MySQL, and JavaScript

CERN Document Server

Nixon, Robin

2009-01-01

If you know HTML, this guide will have you building interactive websites quickly. You'll learn how to create responsive, data-driven websites with PHP, MySQL, and JavaScript, regardless of whether you already know how to program. Discover how the powerful combination of PHP and MySQL provides an easy way to build modern websites complete with dynamic data and user interaction. You'll also learn how to add JavaScript to create rich Internet applications and websites. Learning PHP, MySQL, and JavaScript explains each technology separately, shows you how to combine them, and introduces valuable

APLIKASI MOBILE SQL UNTUK ADMINISTRASI BASISDATA POSTGRESQL MEMANFAATKAN JAVA SERVLET

Directory of Open Access Journals (Sweden)

Erick Costanio

2008-01-01

Full Text Available Since a database administrator is not always be in a fix place, we need something that make it possible for the administrator to manage the database anywhere. A Mobile SQL technology is flexible enough for an administrator to do this maintenance job immediately, such as for query operation, and database recovery. Our goal is to develop such application using Java ME and Servlet technology, thus making it runs on every mobile device that has MIDP 2.0, CLDC 1.1, and GPRS enabled device. While on a server computer, it needs web server and a DBMS. For this purpose, an object-oriented DBMS Postgre has been choosen. The main features of this application are: executing SQL queries; creating tables and users; making database backup and recovery; creating and executing SQL procedural language – PL/pgSQL; and sending a log through email. This application will also notify another adminstrator through email for any changes that has been made in the database Abstract in Bahasa Indonesia: Mobile SQL adalah alat administrasi basisdata PostgreSQL berbasis mobile menggunakan koneksi HTTP. Teknologi mobile yang bersifat fleksibel membuat administrator dapat segera melakukan perawatan basisdata jika diperlukan tanpa harus berada di lokasi server. Pengembangan aplikasi menggunakan teknologi Java ME dan Servlet, serta dapat dijalankan menggunakan telepon seluler sebagai klien dengan spesifikasi MIDP 2.0, CLDC 1.1 dan GPRS yang telah diaktifkan, sedangkan untuk komputer server diperlukan web server dan DBMS. Fitur utama pada aplikasi ini antara lain: menjalankan perintah SQL, membuat tabel dan pengguna, melakukan backup dan recovery basisdata, menulis dan menjalankan bahasa prosedural SQL - PL/pgSQL, serta mengirim log melalui email. Aplikasi Mobile SQL dapat digunakan untuk melakukan administrasi basisdata menggunakan telepon seluler. Kata kunci: Mobile SQL, Java ME, DBMS, administrasi basisdata

Fault attacks, injection techniques and tools for simulation

NARCIS (Netherlands)

Piscitelli, R.; Bhasin, S.; Regazzoni, F.

2015-01-01

Faults attacks are a serious threat to secure devices, because they are powerful and they can be performed with extremely cheap equipment. Resistance against fault attacks is often evaluated directly on the manufactured devices, as commercial tools supporting fault evaluation do not usually provide

PHP and MySQL 24-Hour Trainer

CERN Document Server

Tarr, Andrea

2011-01-01

Step-by-step lessons for using PHP and MySQL in a unique book-and-video combination Assuming no previous experience with PHP or MySQL, this book-and-video package is ideal reading for anyone who wants to go beyond HTML/CSS in order to provide clients with the most dynamic web sites possible. The approachable tone breaks down the basics of programming and PHP and MySQL in individual lessons starting with the installation of the programs necessary to run PHP. You begin with a static web site and then watch and learn as PHP functionality is added as you work through the lessons. When working w

NoSQL Key-Value DBs Riak and Redis

Directory of Open Access Journals (Sweden)

Cristian Andrei BARON

2016-05-01

Full Text Available In the context of today's business needs we must focus on the NoSQL databases because they are the only alternative to the RDBMS that can resolve the modern problems related to storing different data structures, processing continue flows of data and fault tolerance. The object of the paper is to explain the NoSQL databases, the needs behind their appearance, the different types of NoSQL databases that current exist and to focus on two key-value databases, Riak and Redis.

Getting started with SQL Server 2012 cube development

CERN Document Server

Lidberg, Simon

2013-01-01

As a practical tutorial for Analysis Services, get started with developing cubes. ""Getting Started with SQL Server 2012 Cube Development"" walks you through the basics, working with SSAS to build cubes and get them up and running.Written for SQL Server developers who have not previously worked with Analysis Services. It is assumed that you have experience with relational databases, but no prior knowledge of cube development is required. You need SQL Server 2012 in order to follow along with the exercises in this book.

Web server attack analyzer

OpenAIRE

Mižišin, Michal

2013-01-01

Web server attack analyzer - Abstract The goal of this work was to create prototype of analyzer of injection flaws attacks on web server. Proposed solution combines capabilities of web application firewall and web server log analyzer. Analysis is based on configurable signatures defined by regular expressions. This paper begins with summary of web attacks, followed by detection techniques analysis on web servers, description and justification of selected implementation. In the end are charact...

Recommender System for Learning SQL Using Hints

Science.gov (United States)

Lavbic, Dejan; Matek, Tadej; Zrnec, Aljaž

2017-01-01

Today's software industry requires individuals who are proficient in as many programming languages as possible. Structured query language (SQL), as an adopted standard, is no exception, as it is the most widely used query language to retrieve and manipulate data. However, the process of learning SQL turns out to be challenging. The need for a…

Offense-Defense Balance in Cyberspace: A Proposed Model

Science.gov (United States)

2012-12-01

enable faster multitasking , the more computations per second can be accomplished. Increased processing speed will allow an attacker to send attacks...depend on what spam or DDoS needs to be accomplished with prices ranging from $30-$70 a day for DDoS to $10 for 1 million spam emails . 21 For...In addition to DDoS attacks on webservers, there were web defacements (using various tools such as SQL injections) and email flooding. The attacks

Development of a parallel DBMS on the basis of PostgreSQL

OpenAIRE

Pan, C.

2011-01-01

The paper describes the architecture and the design of PargreSQL parallel database management system (DBMS) for distributed memory multiprocessors. PargreSQL is based upon PostgreSQL open-source DBMS and exploits partitioned parallelism.

Microsoft SQL Server 2012 Business Intelligence ja sen tuomat uudistukset

OpenAIRE

Luoma, Lauri

2013-01-01

Insinöörityö käsittelee Metropolia Ammattikorkeakoulun Microsoft Business Intelligence (BI) ratkaisut -kurssilla käytetyn laboratoriomanuaalin MCTS Self-Paced Training Kit (Exam 70-448) -harjoituksien siirtämistä SQL Serverille 2012. Työllä on tarkoitus osoittaa, että SQL Server 2012 BI -työkalut soveltuvat harjoituksiin. Työssä siirrytään käyttämään uudempaa työkalua, SQL Server Data Toolsia, joka korvaa SQL Server 2008 R2 Business Intelligence Development Studion. Työn alussa tutust...

OCA Oracle Database 11g SQL Fundamentals I

CERN Document Server

Ries, Steve

2011-01-01

This book is packed with real word examples. Each major certification topic is covered in a separate chapter, which helps to make understanding of concepts easier. At the end of each chapter, you will find a variety of practice questions to strengthen and test your learning. You will get a feel for the actual SQL Fundamentals I exam by solving practice papers modeled on it. This book is for anyone who needs the essential skills to pass the Oracle Database SQL Fundamentals I exam and use those skills in daily life as an SQL developer or database administrator.

GeoSpark SQL: An Effective Framework Enabling Spatial Queries on Spark

Directory of Open Access Journals (Sweden)

Zhou Huang

2017-09-01

Full Text Available In the era of big data, Internet-based geospatial information services such as various LBS apps are deployed everywhere, followed by an increasing number of queries against the massive spatial data. As a result, the traditional relational spatial database (e.g., PostgreSQL with PostGIS and Oracle Spatial cannot adapt well to the needs of large-scale spatial query processing. Spark is an emerging outstanding distributed computing framework in the Hadoop ecosystem. This paper aims to address the increasingly large-scale spatial query-processing requirement in the era of big data, and proposes an effective framework GeoSpark SQL, which enables spatial queries on Spark. On the one hand, GeoSpark SQL provides a convenient SQL interface; on the other hand, GeoSpark SQL achieves both efficient storage management and high-performance parallel computing through integrating Hive and Spark. In this study, the following key issues are discussed and addressed: (1 storage management methods under the GeoSpark SQL framework, (2 the spatial operator implementation approach in the Spark environment, and (3 spatial query optimization methods under Spark. Experimental evaluation is also performed and the results show that GeoSpark SQL is able to achieve real-time query processing. It should be noted that Spark is not a panacea. It is observed that the traditional spatial database PostGIS/PostgreSQL performs better than GeoSpark SQL in some query scenarios, especially for the spatial queries with high selectivity, such as the point query and the window query. In general, GeoSpark SQL performs better when dealing with compute-intensive spatial queries such as the kNN query and the spatial join query.

Instant Microsoft SQL Server Analysis Services 2012 dimensions and cube

CERN Document Server

Acharya, Anurag

2013-01-01

Get to grips with a new technology, understand what it is and what it can do for you, and then get to work with the most important features and tasks. Written in a practical, friendly manner this book will take you through the journey from installing SQL Server to developing your first cubes.""Microsoft SQL Server Analysis Service 2012 Dimensions"" and Cube Starter is targeted at anyone who wants to get started with cube development in Microsoft SQL Server Analysis Services. Regardless of whether you are a SQL Server developer who knows nothing about cube development or SSAS or even OLAP, you

Replicación multimaestro en bases de datos PostgreSQL

OpenAIRE

Escobar Martín, Alejandro

2017-01-01

En este proyecto se analizarán las distintas opciones a la hora de replicar una base de datos PostgreSQL, se elegirá la que ofrezca la replicación multimaestro más apropiada para el proyecto y se estudiará e implementará en una base de datos distribuida en dos host, una con PostgreSQL 8.4 instalado en un Oracle Linux y otra con PostgreSQL 9.4 alojada en una máquina Windows. This proyect will analyce the various available options to replicate a PostgreSQL database, once analyced , the solut...

Omalizumab Injection

Science.gov (United States)

... injection is used to decrease the number of asthma attacks (sudden episodes of wheezing, shortness of breath, and ... about how to treat symptoms of a sudden asthma attack. If your asthma symptoms get worse or if ...

PostgreSQL developer's guide

CERN Document Server

Ahmed, Ibrar; Shahzad, Amjad

2015-01-01

If you are a database developer who wants to learn how to design and implement databases for application development using PostgreSQL, this is the book for you. Existing knowledge of basic database concepts and some programming experience is required

Weighted Moore–Penrose generalized matrix inverse: MySQL vs ...

Indian Academy of Sciences (India)

Danijela Milošević

database system, MySQL and NoSQL, key value store system, ApacheCassandra, on the database layer. The ..... Memory (RAM): 2940MB; System type: 32-bit Operating .... [3] Elmasri R and Navathe SB 2003 Fundamentals of database.

Evaluating a NoSQL Alternative for Chilean Virtual Observatory Services

Science.gov (United States)

Antognini, J.; Araya, M.; Solar, M.; Valenzuela, C.; Lira, F.

2015-09-01

Currently, the standards and protocols for data access in the Virtual Observatory architecture (DAL) are generally implemented with relational databases based on SQL. In particular, the Astronomical Data Query Language (ADQL), language used by IVOA to represent queries to VO services, was created to satisfy the different data access protocols, such as Simple Cone Search. ADQL is based in SQL92, and has extra functionality implemented using PgSphere. An emergent alternative to SQL are the so called NoSQL databases, which can be classified in several categories such as Column, Document, Key-Value, Graph, Object, etc.; each one recommended for different scenarios. Within their notable characteristics we can find: schema-free, easy replication support, simple API, Big Data, etc. The Chilean Virtual Observatory (ChiVO) is developing a functional prototype based on the IVOA architecture, with the following relevant factors: Performance, Scalability, Flexibility, Complexity, and Functionality. Currently, it's very difficult to compare these factors, due to a lack of alternatives. The objective of this paper is to compare NoSQL alternatives with SQL through the implementation of a Web API REST that satisfies ChiVO's needs: a SESAME-style name resolver for the data from ALMA. Therefore, we propose a test scenario by configuring a NoSQL database with data from different sources and evaluating the feasibility of creating a Simple Cone Search service and its performance. This comparison will allow to pave the way for the application of Big Data databases in the Virtual Observatory.

Network traffic anomaly prediction using Artificial Neural Network

Science.gov (United States)

Ciptaningtyas, Hening Titi; Fatichah, Chastine; Sabila, Altea

2017-03-01

As the excessive increase of internet usage, the malicious software (malware) has also increase significantly. Malware is software developed by hacker for illegal purpose(s), such as stealing data and identity, causing computer damage, or denying service to other user[1]. Malware which attack computer or server often triggers network traffic anomaly phenomena. Based on Sophos's report[2], Indonesia is the riskiest country of malware attack and it also has high network traffic anomaly. This research uses Artificial Neural Network (ANN) to predict network traffic anomaly based on malware attack in Indonesia which is recorded by Id-SIRTII/CC (Indonesia Security Incident Response Team on Internet Infrastructure/Coordination Center). The case study is the highest malware attack (SQL injection) which has happened in three consecutive years: 2012, 2013, and 2014[4]. The data series is preprocessed first, then the network traffic anomaly is predicted using Artificial Neural Network and using two weight update algorithms: Gradient Descent and Momentum. Error of prediction is calculated using Mean Squared Error (MSE) [7]. The experimental result shows that MSE for SQL Injection is 0.03856. So, this approach can be used to predict network traffic anomaly.

Microsoft SQL Server OLAP Solution - A Survey

OpenAIRE

Badiozamany, Sobhan

2010-01-01

Microsoft SQL Server 2008 offers technologies for performing On-Line Analytical Processing (OLAP), directly on data stored in data warehouses, instead of moving the data into some offline OLAP tool. This brings certain benefits, such as elimination of data copying and better integration with the DBMS compared with off-line OLAP tools. This report reviews SQL Server support for OLAP, solution architectures, tools and components involved. Standard storage options are discussed but the focus of ...

Preventing Injection Attacks with Syntax Embeddings : A Host and Guest Language Independent Approach

NARCIS (Netherlands)

Bravenboer, M.; Dolstra, E.; Visser, E.

2007-01-01

Software written in one language often needs to construct sentences in another language, such as SQL queries, XML output, or shell command invocations. This is almost always done using unhygienic string manipulation, the concatenation of constants and client-supplied strings. A client can then

Proposal of SQL Database to Support the Activities in Small IT Company

OpenAIRE

Říha, Petr

2012-01-01

Bakalářská práce se zaměřuje na návrh SQL databáze pro podporu činností malé IT firmy a její vytvoření v programu MS SQL Server. This thesis focuses on the design of SQL databases to support the activities of a small IT company and its creation in MS SQL Server. B

Implementation of multidimensional databases in column-oriented NoSQL systems

OpenAIRE

Chevalier, Max; El Malki, Mohammed; Kopliku, Arlind; Teste, Olivier; Tournier, Ronan

2015-01-01

International audience; NoSQL (Not Only SQL) systems are becoming popular due to known advantages such as horizontal scalability and elasticity. In this paper, we study the implementation of multidimensional data warehouses with columnoriented NoSQL systems. We define mapping rules that transform the conceptual multidimensional data model to logical column-oriented models. We consider three different logical models and we use them to instantiate data warehouses. We focus on data loading, mode...

DOMe: A deduplication optimization method for the NewSQL database backups.

Directory of Open Access Journals (Sweden)

Longxiang Wang

Full Text Available Reducing duplicated data of database backups is an important application scenario for data deduplication technology. NewSQL is an emerging database system and is now being used more and more widely. NewSQL systems need to improve data reliability by periodically backing up in-memory data, resulting in a lot of duplicated data. The traditional deduplication method is not optimized for the NewSQL server system and cannot take full advantage of hardware resources to optimize deduplication performance. A recent research pointed out that the future NewSQL server will have thousands of CPU cores, large DRAM and huge NVRAM. Therefore, how to utilize these hardware resources to optimize the performance of data deduplication is an important issue. To solve this problem, we propose a deduplication optimization method (DOMe for NewSQL system backup. To take advantage of the large number of CPU cores in the NewSQL server to optimize deduplication performance, DOMe parallelizes the deduplication method based on the fork-join framework. The fingerprint index, which is the key data structure in the deduplication process, is implemented as pure in-memory hash table, which makes full use of the large DRAM in NewSQL system, eliminating the performance bottleneck problem of fingerprint index existing in traditional deduplication method. The H-store is used as a typical NewSQL database system to implement DOMe method. DOMe is experimentally analyzed by two representative backup data. The experimental results show that: 1 DOMe can reduce the duplicated NewSQL backup data. 2 DOMe significantly improves deduplication performance by parallelizing CDC algorithms. In the case of the theoretical speedup ratio of the server is 20.8, the speedup ratio of DOMe can achieve up to 18; 3 DOMe improved the deduplication throughput by 1.5 times through the pure in-memory index optimization method.

PostgreSQL 9 high availability cookbook

CERN Document Server

Thomas, Shaun M

2014-01-01

A comprehensive series of dependable recipes to design, build, and implement a PostgreSQL server architecture free of common pitfalls that can operate for years to come. Each chapter is packed with instructions and examples to simplify even highly complex database operations. If you are a PostgreSQL DBA working on Linux systems who want a database that never gives up, this book is for you. If you've ever experienced a database outage, restored from a backup, spent hours trying to repair a malfunctioning cluster, or simply want to guarantee system stability, this book is definitely for you.

Combating Memory Corruption Attacks On Scada Devices

Science.gov (United States)

Bellettini, Carlo; Rrushi, Julian

Memory corruption attacks on SCADA devices can cause significant disruptions to control systems and the industrial processes they operate. However, despite the presence of numerous memory corruption vulnerabilities, few, if any, techniques have been proposed for addressing the vulnerabilities or for combating memory corruption attacks. This paper describes a technique for defending against memory corruption attacks by enforcing logical boundaries between potentially hostile data and safe data in protected processes. The technique encrypts all input data using random keys; the encrypted data is stored in main memory and is decrypted according to the principle of least privilege just before it is processed by the CPU. The defensive technique affects the precision with which attackers can corrupt control data and pure data, protecting against code injection and arc injection attacks, and alleviating problems posed by the incomparability of mitigation techniques. An experimental evaluation involving the popular Modbus protocol demonstrates the feasibility and efficiency of the defensive technique.

The Development of a Benchmark Tool for NoSQL Databases

Directory of Open Access Journals (Sweden)

Ion LUNGU

2013-07-01

Full Text Available The aim of this article is to describe a proposed benchmark methodology and software application targeted at measuring the performance of both SQL and NoSQL databases. These represent the results obtained during PhD research (being actually a part of a larger application intended for NoSQL database management. A reason for aiming at this particular subject is the complete lack of benchmarking tools for NoSQL databases, except for YCBS [1] and a benchmark tool made specifically to compare Redis to RavenDB. While there are several well-known benchmarking systems for classical relational databases (starting with the canon TPC-C, TPC-E and TPC-H, on the other side of databases world such tools are mostly missing and seriously needed.

Operational Exercise Integration Recommendations for DoD Cyber Ranges

Science.gov (United States)

2015-08-05

be the precision and recall of a security information and event management (SIEM) system ’s notifications of unauthorized access to that directory...network traffic, port scanning Deplete Resources TCP flooding, memory leak exploitation Injection Cross-site scripting attacks, SQL injection Deceptive...requirements for personnel development; tactics, techniques, and procedures (TTPs) devel- opment; and mission rehearsals . While unique in their own

Duplicates and translation of nested SQL queries into XRA

NARCIS (Netherlands)

N.Th. Verbrugge

1990-01-01

textabstractThe PRISMA/DB system contains a parser to translate the database language SQL into eXtended Relational Algebra (XRA). The early definition of XRA, which has a multi-set semantics, proves inadequate for translating SQL according to its nested-iteration semantics. The prime cause is that

Integrating Scientific Array Processing into Standard SQL

Science.gov (United States)

Misev, Dimitar; Bachhuber, Johannes; Baumann, Peter

2014-05-01

We live in a time that is dominated by data. Data storage is cheap and more applications than ever accrue vast amounts of data. Storing the emerging multidimensional data sets efficiently, however, and allowing them to be queried by their inherent structure, is a challenge many databases have to face today. Despite the fact that multidimensional array data is almost always linked to additional, non-array information, array databases have mostly developed separately from relational systems, resulting in a disparity between the two database categories. The current SQL standard and SQL DBMS supports arrays - and in an extension also multidimensional arrays - but does so in a very rudimentary and inefficient way. This poster demonstrates the practicality of an SQL extension for array processing, implemented in a proof-of-concept multi-faceted system that manages a federation of array and relational database systems, providing transparent, efficient and scalable access to the heterogeneous data in them.

Petaminer: Using ROOT for efficient data storage in MySQL database

Science.gov (United States)

Cranshaw, J.; Malon, D.; Vaniachine, A.; Fine, V.; Lauret, J.; Hamill, P.

2010-04-01

High Energy and Nuclear Physics (HENP) experiments store Petabytes of event data and Terabytes of calibration data in ROOT files. The Petaminer project is developing a custom MySQL storage engine to enable the MySQL query processor to directly access experimental data stored in ROOT files. Our project is addressing the problem of efficient navigation to PetaBytes of HENP experimental data described with event-level TAG metadata, which is required by data intensive physics communities such as the LHC and RHIC experiments. Physicists need to be able to compose a metadata query and rapidly retrieve the set of matching events, where improved efficiency will facilitate the discovery process by permitting rapid iterations of data evaluation and retrieval. Our custom MySQL storage engine enables the MySQL query processor to directly access TAG data stored in ROOT TTrees. As ROOT TTrees are column-oriented, reading them directly provides improved performance over traditional row-oriented TAG databases. Leveraging the flexible and powerful SQL query language to access data stored in ROOT TTrees, the Petaminer approach enables rich MySQL index-building capabilities for further performance optimization.

Petaminer: Using ROOT for efficient data storage in MySQL database

International Nuclear Information System (INIS)

Cranshaw, J; Malon, D; Vaniachine, A; Fine, V; Lauret, J; Hamill, P

2010-01-01

High Energy and Nuclear Physics (HENP) experiments store Petabytes of event data and Terabytes of calibration data in ROOT files. The Petaminer project is developing a custom MySQL storage engine to enable the MySQL query processor to directly access experimental data stored in ROOT files. Our project is addressing the problem of efficient navigation to PetaBytes of HENP experimental data described with event-level TAG metadata, which is required by data intensive physics communities such as the LHC and RHIC experiments. Physicists need to be able to compose a metadata query and rapidly retrieve the set of matching events, where improved efficiency will facilitate the discovery process by permitting rapid iterations of data evaluation and retrieval. Our custom MySQL storage engine enables the MySQL query processor to directly access TAG data stored in ROOT TTrees. As ROOT TTrees are column-oriented, reading them directly provides improved performance over traditional row-oriented TAG databases. Leveraging the flexible and powerful SQL query language to access data stored in ROOT TTrees, the Petaminer approach enables rich MySQL index-building capabilities for further performance optimization.

PHP & MySQL The Missing Manual

CERN Document Server

McLaughlin, Brett

2011-01-01

If you can build websites with CSS and JavaScript, this book takes you to the next level-creating dynamic, database-driven websites with PHP and MySQL. Learn how to build a database, manage your content, and interact with users through queries and web forms. With step-by-step tutorials, real-world examples, and jargon-free explanations, you'll soon discover the power of server-side programming. The important stuff you need to know: Get a running start. Write PHP scripts and create a web form right away.Learn the language. Get up to speed on PHP and SQL syntax quickly.Build a database. Use My

PHP and MySQL for Dummies

CERN Document Server

Valade, Janet

2009-01-01

Here's what Web designers need to know to create dynamic, database-driven Web sites. To be on the cutting edge, Web sites need to serve up HTML, CSS, and products specific to the needs of different customers using different browsers. An effective e-commerce site gathers information about users and provides information they need to get the desired result. PHP scripting language with a MySQL back-end database offers an effective way to design sites that meet these requirements. This full updated 4th Edition of PHP & MySQL For Dummies gets you quickly up to speed, even if your experience is limit

SQL injekciju uzbrukumu analīze un novēršana

OpenAIRE

Kudiņa, Monta

2015-01-01

Šī darba mērķis ir iepazīties ar populārākajiem SQL injekciju uzbrukumu veidiem, apzināties kā uzbrukumi tiek realizēti, un noskaidrot preventīvos pasākumus uzbrukumu novēršanai. Bakalaura darbā “SQL injekciju uzbrukumu analīze un novēršana” tiek apskatīti SQL injekciju uzbrukumu veidi un metodes, uzbrukumu realizācijas dažādās datubāzes platformās, SQL injekciju uzbrukumu atklāšana un pasākumi uzbrukumu novēšanai. Darba gaitā tika gan teorētiski, gan praktiski iepazīti SQL uzbrukumi, un apsk...

SQL Server Analysis Services 2012 cube development cookbook

CERN Document Server

Dewald, Baya; Hughes, Steve

2013-01-01

A practical cookbook packed with recipes to help developers produce data cubes as quickly as possible by following step by step instructions, rather than explaining data mining concepts with SSAS.If you are a BI or ETL developer using SQL Server Analysis services to build OLAP cubes, this book is ideal for you. Prior knowledge of relational databases and experience with Excel as well as SQL development is required.

Getting started with SQL Server 2014 administration

CERN Document Server

Ellis, Gethyn

2014-01-01

This is an easytofollow handson tutorial that includes real world examples of SQL Server 2014's new features. Each chapter is explained in a stepbystep manner which guides you to implement the new technology.If you want to create an highly efficient database server then this book is for you. This book is for database professionals and system administrators who want to use the added features of SQL Server 2014 to create a hybrid environment, which is both highly available and allows you to get the best performance from your databases.

Using PHP/MySQL to Manage Potential Mass Impacts

Science.gov (United States)

Hager, Benjamin I.

2010-01-01

This paper presents a new application using commercially available software to manage mass properties for spaceflight vehicles. PHP/MySQL(PHP: Hypertext Preprocessor and My Structured Query Language) are a web scripting language and a database language commonly used in concert with each other. They open up new opportunities to develop cutting edge mass properties tools, and in particular, tools for the management of potential mass impacts (threats and opportunities). The paper begins by providing an overview of the functions and capabilities of PHP/MySQL. The focus of this paper is on how PHP/MySQL are being used to develop an advanced "web accessible" database system for identifying and managing mass impacts on NASA's Ares I Upper Stage program, managed by the Marshall Space Flight Center. To fully describe this application, examples of the data, search functions, and views are provided to promote, not only the function, but the security, ease of use, simplicity, and eye-appeal of this new application. This paper concludes with an overview of the other potential mass properties applications and tools that could be developed using PHP/MySQL. The premise behind this paper is that PHP/MySQL are software tools that are easy to use and readily available for the development of cutting edge mass properties applications. These tools are capable of providing "real-time" searching and status of an active database, automated report generation, and other capabilities to streamline and enhance mass properties management application. By using PHP/MySQL, proven existing methods for managing mass properties can be adapted to present-day information technology to accelerate mass properties data gathering, analysis, and reporting, allowing mass property management to keep pace with today's fast-pace design and development processes.

In Vitro Fertilization Using Luteinizing Hormone-Releasing Hormone Injections Resulted in Healthy Triplets without Increased Attack Rates in a Hereditary Angioedema Case

Directory of Open Access Journals (Sweden)

Ceyda Tunakan Dalgıç

2018-01-01

Full Text Available Hereditary angioedema due to C1-inhibitor deficiency (C1-INH-HAE is a rare, autosomal dominant disorder. The management of pregnant patients with C1-INH-HAE is a challenge for the physician. Intravenous plasma-derived nanofiltered C1-INH (pdC1INH is the only recommended option throughout pregnancy, postpartum, and breastfeeding period. In order to increase pregnancy rates, physicians use fertilization therapies increasing endogen levels of estrogens. Therefore, these techniques can provoke an increase in the number and severity of edema attacks in C1-INH-HAE. Our patient is a 32-year-old female, diagnosed with C1-INH-HAE type 1 since 2004. She had been taking danazol 50–200 mg/day for 9 years. Due to her pregnancy plans in 2013, danazol was discontinued. PdC1INH was prescribed regularly for prophylactic purpose. Triplet pregnancy occurred by in vitro fertilization using luteinizing hormone-releasing hormone (LHRH injections. In our patient, LHRH injections were done four times without causing any severe attack during in vitro fertilization. Angioedema did not worsen during pregnancy and delivery due to the prophylactic use of intravenous pdC1INH in our patient. According to the attack frequency and severity, there was no difference between the three pregnancy trimesters. To our knowledge, this is the first published case of C1-INH-HAE receiving in vitro fertilization therapies without any angioedema attacks during pregnancy and delivery and eventually having healthy triplets with the prophylactic use of intravenous pdC1INH.

Evaluation of relational and NoSQL database architectures to manage genomic annotations.

Science.gov (United States)

Schulz, Wade L; Nelson, Brent G; Felker, Donn K; Durant, Thomas J S; Torres, Richard

2016-12-01

While the adoption of next generation sequencing has rapidly expanded, the informatics infrastructure used to manage the data generated by this technology has not kept pace. Historically, relational databases have provided much of the framework for data storage and retrieval. Newer technologies based on NoSQL architectures may provide significant advantages in storage and query efficiency, thereby reducing the cost of data management. But their relative advantage when applied to biomedical data sets, such as genetic data, has not been characterized. To this end, we compared the storage, indexing, and query efficiency of a common relational database (MySQL), a document-oriented NoSQL database (MongoDB), and a relational database with NoSQL support (PostgreSQL). When used to store genomic annotations from the dbSNP database, we found the NoSQL architectures to outperform traditional, relational models for speed of data storage, indexing, and query retrieval in nearly every operation. These findings strongly support the use of novel database technologies to improve the efficiency of data management within the biological sciences. Copyright © 2016 Elsevier Inc. All rights reserved.

Empirical Testing of the CySeMoL Tool for Cyber Security Assessment – Case Study of Linux Server and MySQL

OpenAIRE

Rabbani, Talvia

2016-01-01

In this Master Thesis, several common applications used with MySQL and Linux server are modelled using the Enterprise Architecture Analysis Tool (EAAT) and the Cyber Security Modelling Language (CySeMoL), both developed by the Department of Industrial Information and Control System (ICS) at KTH. The objective of this study is to use the CySeMoL tool to evaluate the feasibility and correctness of the tool by simulating some particular type of attacks on a real life Linux server. A few common a...

MySQL High Availability Tools for Building Robust Data Centers

CERN Document Server

Bell, Charles; Thalmann, Lars

2010-01-01

Server bottlenecks and failures are a fact of life in any database deployment, but they don't have to bring everything to a halt. MySQL has several features that can help you protect your system from outages, whether it's running on hardware, virtual machines, or in the cloud. MySQL High Availability explains how to use these replication, cluster, and monitoring features in a wide range of real-life situations. Written by engineers who designed many of the tools covered inside, this book reveals undocumented or hard-to-find aspects of MySQL reliability and high availability -- knowledge that

An Effective NoSQL-Based Vector Map Tile Management Approach

Directory of Open Access Journals (Sweden)

Lin Wan

2016-11-01

Full Text Available Within a digital map service environment, the rapid growth of Spatial Big-Data is driving new requirements for effective mechanisms for massive online vector map tile processing. The emergence of Not Only SQL (NoSQL databases has resulted in a new data storage and management model for scalable spatial data deployments and fast tracking. They better suit the scenario of high-volume, low-latency network map services than traditional standalone high-performance computer (HPC or relational databases. In this paper, we propose a flexible storage framework that provides feasible methods for tiled map data parallel clipping and retrieval operations within a distributed NoSQL database environment. We illustrate the parallel vector tile generation and querying algorithms with the MapReduce programming model. Three different processing approaches, including local caching, distributed file storage, and the NoSQL-based method, are compared by analyzing the concurrent load and calculation time. An online geological vector tile map service prototype was developed to embed our processing framework in the China Geological Survey Information Grid. Experimental results show that our NoSQL-based parallel tile management framework can support applications that process huge volumes of vector tile data and improve performance of the tiled map service.

Professional Microsoft SQL Server 2012 Integration Services

CERN Document Server

Knight, Brian; Moss, Jessica M; Davis, Mike; Rock, Chris

2012-01-01

An in-depth look at the radical changes to the newest release of SISS Microsoft SQL Server 2012 Integration Services (SISS) builds on the revolutionary database product suite first introduced in 2005. With this crucial resource, you will explore how this newest release serves as a powerful tool for performing extraction, transformation, and load operations (ETL). A team of SQL Server experts deciphers this complex topic and provides detailed coverage of the new features of the 2012 product release. In addition to technical updates and additions, the authors present you with a new set of SISS b

Επίθεση τύπου SQL injection: απειλές και προστασία

OpenAIRE

Σιάμπος, Θεοφάνης Ι.

2013-01-01

To SQL Injection αποτελεί βασική επίθεση που χρησιμοποιείται είτε για να αποκτήσει κάποιος παράνομη πρόσβαση σε μια βάση δεδομένων είτε για να ανακτήσει πληροφορίες απευθείας από τη βάση. Οι βασικές αρχές που χαρακτηρίζουν το SQL Injection είναι απλές και εύκολες στην εκτέλεση και τη διαχείριση. Κάθε πρόγραμμα ή εφαρμογή μπορεί να είναι ευπαθές στην εισαγωγή εντολών SQL συμπεριλαμβανομένων αποθηκευμένων διαδικασιών που εκτελούνται με απευθείας σύνδεση στη βάση δεδομένων. Οι διαδικτυακές εφαρμ...

Comparison of performance between Raw SQL and Eloquent ORM in Laravel

OpenAIRE

Jound, Ishaq; Halimi, Hamed

2016-01-01

Context. PHP framework Laravel offers three techniques to interact with databases, Eloquent ORM, Query builder and Raw SQL. It is important to select the right database technique when developing a web application because there are pros and cons with each approach.  Objectives. In this thesis we will measure the performance of Raw SQL and Eloquent ORM, there is little research on which technique is faster. Intuitively, Raw SQL should be faster than Eloquent ORM, but exactly how much faster nee...

PostgreSQL 9 administration cookbook

CERN Document Server

Riggs, Simon; Krosing, Hannu; Bartolini, Gabriele

2015-01-01

Through example-driven recipes, with plenty of code, focused on the most vital features of the latest PostgreSQL version (9.4), both administrators and developers will follow short, specific guides to understand and leverage useful Postgre functionalities to create better and more efficient databases.

SQL Server 2012 data integration recipes solutions for integration services and other ETL tools

CERN Document Server

Aspin, Adam

2012-01-01

SQL Server 2012 Data Integration Recipes provides focused and practical solutions to real world problems of data integration. Need to import data into SQL Server from an outside source? Need to export data and send it to another system? SQL Server 2012 Data Integration Recipes has your back. You'll find solutions for importing from Microsoft Office data stores such as Excel and Access, from text files such as CSV files, from XML, from other database brands such as Oracle and MySQL, and even from other SQL Server databases. You'll learn techniques for managing metadata, transforming data to mee

Can WFS-T replace SQL ?

NARCIS (Netherlands)

Groot, de H.L.E.; Vanmeulebrouk, B.; Riviere, la I.J.

2010-01-01

Background With the advent of rich internet applications (RIA’s), part of processing has been transferred from the server to the client. However, many geo-spatial applications still require serverside access to a geodatabase to select and manipulate data using SQL. It would be profitable if these

Zero tolerance for incorrect data: Best practices in SQL transaction programming

Science.gov (United States)

Laiho, M.; Skourlas, C.; Dervos, D. A.

2015-02-01

DBMS products differ in the way they support even the basic SQL transaction services. In this paper, a framework of best practices in SQL transaction programming is given and discussed. The SQL developers are advised to experiment with and verify the services supported by the DBMS product used. The framework has been developed by DBTechNet, a European network of teachers, trainers and ICT professionals. A course module on SQL transactions, offered by the LLP "DBTech VET Teachers" programme, is also presented and discussed. Aims and objectives of the programme include the introduction of the topics and content of SQL transactions and concurrency control to HE/VET curricula and addressing the need for initial and continuous training on these topics to in-company trainers, VET teachers, and Higher Education students. An overview of the course module, its learning outcomes, the education and training (E&T) content, virtual database labs with hands-on self-practicing exercises, plus instructions for the teacher/trainer on the pedagogy and the usage of the course modules' content are briefly described. The main principle adopted is to "Learn by verifying in practice" and the transactions course motto is: "Zero Tolerance for Incorrect Data".

VectorH : Taking SQL-on-Hadoop to the next level

NARCIS (Netherlands)

Costea, Andrei; Ionescu, Adrian; Raducanu, Bogdan; Świtakowski, Michał; Bârca, Cristian; Sompolski, Juliusz; Łuszczak, Alicja; Szafrański, Michał; De Nijs, Giel; Boncz, Peter

2016-01-01

Actian Vector in Hadoop (VectorH for short) is a new SQL-on-Hadoop system built on top of the fast Vectorwise analytical database system. VectorH achieves fault tolerance and storage scalability by relying on HDFS, and extends the state-of-the-art in SQL-on-Hadoop systems by instrumenting the HDFS

VectorH: taking SQL-on-Hadoop to the next level

NARCIS (Netherlands)

M. Switakowski; A. Costea (Andrei); A. Ionescu (Adrian); B. Raducanu (Bogdan); C. Bârca; J. Sompolski (Juliusz); A. Łuszczak; M. Szafranski (Michal); G. De Nijs; P.A. Boncz (Peter)

2016-01-01

htmlabstractIn this paper we describe VectorH: a new SQL-on-Hadoop system built on top of the fast Vectorwise analytical database system. VectorH achieves fault tolerance and scalable data storage by relying on HDFS, extending the state-of-the-art in SQL-on-Hadoop systems by instrumenting the HDFS

Real SQL queries 50 challenges : practice for reporting and analysis

CERN Document Server

Cohen, Brian; Mishra, Neerja

2015-01-01

Queries improve when challenges are authentic. This book sets your learning on the fast track with realistic problems to solve. Topics span sales, marketing, human resources, purchasing, and production. Real SQL Queries: 50 Challenges is perfect for analysts, report writers, or anyone searching for a hands-on approach to learning SQL Server.

PostgreSQL administration essentials

CERN Document Server

Schönig, Hans-Jürgen

2014-01-01

If you are a database administrator who needs to get to grips with PostgreSQL quickly and efficiently, then this book is for you. This book will also be highly beneficial if you are a project leader or a developer who is interested in knowing more about database systems or bottleneck detection, as it will enable you to work more closely and cooperatively with your administrators.

Instant SQL Server Analysis Services 2012 Cube Security

CERN Document Server

Jayanty, Satya SK

2013-01-01

Filled with practical, step-by-step instructions and clear explanations for the most important and useful tasks. Instant Microsoft SQL Server Analysis Services 2012 Cube Security is a practical, hands-on guide that provides a number of clear, step-by-step exercises for getting started with cube security.This book is aimed at Database Administrators, Data Architects, and Systems Administrators who are managing the SQL Server data platform. It is also beneficial for analysis services developers who already have some experience with the technology, but who want to go into more detail on advanced

Advantages and disadvantages of relational and non-relational (NoSQL) databases for analytical tasks

OpenAIRE

Klapač, Milan

2015-01-01

This work focuses on NoSQL databases, their use for analytical tasks and on comparison of NoSQL databases with relational and OLAP databases. The aim is to analyse the benefits of NoSQL databases and their use for analytical purposes. The first part presents the basic principles of Business Intelligence, Data Warehousing, and Big Data. The second part deals with the key features of relational and NoSQL databases. The last part of the thesis describes the properties of four basic types of NoSQ...

Processing of the WLCG monitoring data using NoSQL

Science.gov (United States)

Andreeva, J.; Beche, A.; Belov, S.; Dzhunov, I.; Kadochnikov, I.; Karavakis, E.; Saiz, P.; Schovancova, J.; Tuckett, D.

2014-06-01

The Worldwide LHC Computing Grid (WLCG) today includes more than 150 computing centres where more than 2 million jobs are being executed daily and petabytes of data are transferred between sites. Monitoring the computing activities of the LHC experiments, over such a huge heterogeneous infrastructure, is extremely demanding in terms of computation, performance and reliability. Furthermore, the generated monitoring flow is constantly increasing, which represents another challenge for the monitoring systems. While existing solutions are traditionally based on Oracle for data storage and processing, recent developments evaluate NoSQL for processing large-scale monitoring datasets. NoSQL databases are getting increasingly popular for processing datasets at the terabyte and petabyte scale using commodity hardware. In this contribution, the integration of NoSQL data processing in the Experiment Dashboard framework is described along with first experiences of using this technology for monitoring the LHC computing activities.

Processing of the WLCG monitoring data using NoSQL

International Nuclear Information System (INIS)

Andreeva, J; Beche, A; Karavakis, E; Saiz, P; Tuckett, D; Belov, S; Kadochnikov, I; Schovancova, J; Dzhunov, I

2014-01-01

The Worldwide LHC Computing Grid (WLCG) today includes more than 150 computing centres where more than 2 million jobs are being executed daily and petabytes of data are transferred between sites. Monitoring the computing activities of the LHC experiments, over such a huge heterogeneous infrastructure, is extremely demanding in terms of computation, performance and reliability. Furthermore, the generated monitoring flow is constantly increasing, which represents another challenge for the monitoring systems. While existing solutions are traditionally based on Oracle for data storage and processing, recent developments evaluate NoSQL for processing large-scale monitoring datasets. NoSQL databases are getting increasingly popular for processing datasets at the terabyte and petabyte scale using commodity hardware. In this contribution, the integration of NoSQL data processing in the Experiment Dashboard framework is described along with first experiences of using this technology for monitoring the LHC computing activities.

Temporální rozšíření pro PostgreSQL

OpenAIRE

Jelínek, Radek

2015-01-01

Tato práce se zabývá temporálním rozšířením databázového systému PostgreSQL. Čtenář se tu seznámí se stručným úvodem do temporálních databází, databázovým systémem PostgreSQL, návrhem rozšíření pro PostgreSQL a konkrétní implementací doplněnou příklady. Jsou tu uvedeny i používané temporální databázové systémy a využití temporálních databází v praxi. This thesis is focused on PostgreSQL database system. You can find here introducing to temporal databases, database system PostgreSQL, propos...

Ultrabroadband photonic Internet: data mining approach to security aspects

Science.gov (United States)

Kalicki, Arkadiusz

2009-06-01

Web applications became most popular medium in the Internet. Popularity, easiness of web application frameworks together with careless development results in high number of vulnerabilities and attacks. There are several types of attacks possible because of improper input validation. SQL injection is ability to execute arbitrary SQL queries in a database through an existing application. Cross-site scripting is the vulnerability which allows malicious web users to inject code into the web pages viewed by other users. Cross-Site Request Forgery (CSRF) is an attack that tricks the victim into loading a page that contains malicious request. Web spam in blogs. In order to secure web applications intrusion detection (IDS) and intrusion prevention systems (IPS) are being used. Intrusion detection systems are divided in two groups: misuse detection (traditional IDS) and anomaly detection. Misuse detection systems are signature based, have high accuracy in detecting many kinds of known attacks but cannot detect unknown and emerging attacks. This can be complemented with anomaly based intrusion detection and prevention systems. This paper presents anomaly driven proxy as an IPS and data mining based algorithm which was used to detecting anomalies. The principle of this method is the comparison of the incoming HTTP traffic with a previously built profile that contains a representation of the "normal" or expected web application usage sequence patterns. The frequent sequence patterns are found with GSP algorithm. Some basic tests show that the software catches malicious requests.

An algorithm to transform natural language into SQL queries for relational databases

Directory of Open Access Journals (Sweden)

Garima Singh

2016-09-01

Full Text Available Intelligent interface, to enhance efficient interactions between user and databases, is the need of the database applications. Databases must be intelligent enough to make the accessibility faster. However, not every user familiar with the Structured Query Language (SQL queries as they may not aware of structure of the database and they thus require to learn SQL. So, non-expert users need a system to interact with relational databases in their natural language such as English. For this, Database Management System (DBMS must have an ability to understand Natural Language (NL. In this research, an intelligent interface is developed using semantic matching technique which translates natural language query to SQL using set of production rules and data dictionary. The data dictionary consists of semantics sets for relations and attributes. A series of steps like lower case conversion, tokenization, speech tagging, database element and SQL element extraction is used to convert Natural Language Query (NLQ to SQL Query. The transformed query is executed and the results are obtained by the user. Intelligent Interface is the need of database applications to enhance efficient interaction between user and DBMS.

SQL užklausų rašymo gebėjimų vertinimo sistema

OpenAIRE

Ruzgys, Mindaugas

2014-01-01

Faktiškai kiekviena šiuolaikinė IS naudoja duomenų bazes, kad saugoti informaciją. Šiuo metu populiariausios reliacinės duomenų bazių valdymo sistemos, kur užklausos rašomos SQL kalba. Todėl kiekvienas programuotojas privalo gebėti rašyti SQL užklausas Rinkoje labai mažai sistemų, skirtų MySQL žinių testavimui, kurios atitinka visus keliamus reikalavimus ir yra nemokamos. Most of bigger web solutions use databases for data storage.This is why all programmers must be familiar with SQL and i...

NoSQL: collection document and cloud by using a dynamic web query form

Science.gov (United States)

Abdalla, Hemn B.; Lin, Jinzhao; Li, Guoquan

2015-07-01

Mongo-DB (from "humongous") is an open-source document database and the leading NoSQL database. A NoSQL (Not Only SQL, next generation databases, being non-relational, deal, open-source and horizontally scalable) presenting a mechanism for storage and retrieval of documents. Previously, we stored and retrieved the data using the SQL queries. Here, we use the MonogoDB that means we are not utilizing the MySQL and SQL queries. Directly importing the documents into our Drives, retrieving the documents on that drive by not applying the SQL queries, using the IO BufferReader and Writer, BufferReader for importing our type of document files to my folder (Drive). For retrieving the document files, the usage is BufferWriter from the particular folder (or) Drive. In this sense, providing the security for those storing files for what purpose means if we store the documents in our local folder means all or views that file and modified that file. So preventing that file, we are furnishing the security. The original document files will be changed to another format like in this paper; Binary format is used. Our documents will be converting to the binary format after that direct storing in one of our folder, that time the storage space will provide the private key for accessing that file. Wherever any user tries to discover the Document files means that file data are in the binary format, the document's file owner simply views that original format using that personal key from receive the secret key from the cloud.

Design and evaluation of a NoSQL database for storing and querying RDF data

Directory of Open Access Journals (Sweden)

Kanda Runapongsa Saikaew

2014-12-01

Full Text Available Currently the amount of web data has increased excessively. Its metadata is widely used in order to fully exploit web information resources. This causes the need for Semantic Web technology to quickly analyze such big data. Resource Description Framework (RDF is a standard for describing web resources. In this paper, we propose a method to exploit a NoSQL database, specifically MongoDB, to store and query RDF data. We choose MongoDB to represent a NoSQL database because it is one of the most popular high-performance NoSQL databases. We evaluate the proposed design and implementation by using the Berlin SPARQL Benchmark, which is one of the most widely accepted benchmarks for comparing the performance of RDF storage systems. We compare three database systems, which are Apache Jena TDB (native RDF store, MySQL (relational database, and our proposed system with MongoDB (NoSQL database. Based on the experimental results analysis, our proposed system outperforms other database systems for most queries when the data set size is small. However, for a larger data set, MongoDB performs well for queries with simple operators while MySQL offers an efficient solution for complex queries. The result of this work can provide some guideline for choosing an appropriate RDF database system and applying a NoSQL database in storing and querying RDF data.

NoSQL database scaling

OpenAIRE

Žardin, Norbert

2017-01-01

NoSQL database scaling is a decision, where system resources or financial expenses are traded for database performance or other benefits. By scaling a database, database performance and resource usage might increase or decrease, such changes might have a negative impact on an application that uses the database. In this work it is analyzed how database scaling affect database resource usage and performance. As a results, calculations are acquired, using which database scaling types and differe...

Exploiting Hardware Vulnerabilities to Attack Embedded System Devices: a Survey of Potent Microarchitectural Attacks

Directory of Open Access Journals (Sweden)

Apostolos P. Fournaris

2017-07-01

Full Text Available Cyber-Physical system devices nowadays constitute a mixture of Information Technology (IT and Operational Technology (OT systems that are meant to operate harmonically under a security critical framework. As security IT countermeasures are gradually been installed in many embedded system nodes, thus securing them from many well-know cyber attacks there is a lurking danger that is still overlooked. Apart from the software vulnerabilities that typical malicious programs use, there are some very interesting hardware vulnerabilities that can be exploited in order to mount devastating software or hardware attacks (typically undetected by software countermeasures capable of fully compromising any embedded system device. Real-time microarchitecture attacks such as the cache side-channel attacks are such case but also the newly discovered Rowhammer fault injection attack that can be mounted even remotely to gain full access to a device DRAM (Dynamic Random Access Memory. Under the light of the above dangers that are focused on the device hardware structure, in this paper, an overview of this attack field is provided including attacks, threat directives and countermeasures. The goal of this paper is not to exhaustively overview attacks and countermeasures but rather to survey the various, possible, existing attack directions and highlight the security risks that they can pose to security critical embedded systems as well as indicate their strength on compromising the Quality of Service (QoS such systems are designed to provide.

Life in extra dimensions of database world or penetration of NoSQL in HEP community

OpenAIRE

Kuznetsov, Valentin

2012-01-01

The recent buzzword in IT world is NoSQL. Major players, such as Facebook, Yahoo, Google, etc. are widely adopted different "NoSQL" solutions for their needs. Horizontal scalability, flexible data model and management of big data volumes are only a few advantages of NoSQL. In CMS experiment we use several of them in production environment. Here we present CMS projects based on NoSQL solutions, their strengths and weaknesses as well as our experience with those tools and their coexistence with...

Teaching Case: Introduction to NoSQL in a Traditional Database Course

Science.gov (United States)

Fowler, Brad; Godin, Joy; Geddy, Margaret

2016-01-01

Many organizations are dealing with the increasing demands of big data, so they are turning to NoSQL databases as their preferred system for handling the unique problems of capturing and storing massive amounts of data. Therefore, it is likely that employees in all sizes of organizations will encounter NoSQL databases. Thus, to be more job-ready,…

Microsoft® SQL Server® 2008 Step by Step

CERN Document Server

Hotek, Mike

2009-01-01

Teach yourself SQL Server 2008-one step at a time. Get the practical guidance you need to build database solutions that solve real-world business problems. Learn to integrate SQL Server data in your applications, write queries, develop reports, and employ powerful business intelligence systems.Discover how to:Install and work with core components and toolsCreate tables and index structuresManipulate and retrieve dataSecure, manage, back up, and recover databasesApply tuning plus optimization techniques to generate high-performing database applicationsOptimize availability through clustering, d

Cyber attacks against state estimation in power systems: Vulnerability analysis and protection strategies

Science.gov (United States)

Liu, Xuan

Power grid is one of the most critical infrastructures in a nation and could suffer a variety of cyber attacks. With the development of Smart Grid, false data injection attack has recently attracted wide research interest. This thesis proposes a false data attack model with incomplete network information and develops optimal attack strategies for attacking load measurements and the real-time topology of a power grid. The impacts of false data on the economic and reliable operations of power systems are quantitatively analyzed in this thesis. To mitigate the risk of cyber attacks, a distributed protection strategies are also developed. It has been shown that an attacker can design false data to avoid being detected by the control center if the network information of a power grid is known to the attacker. In practice, however, it is very hard or even impossible for an attacker to obtain all network information of a power grid. In this thesis, we propose a local load redistribution attacking model based on incomplete network information and show that an attacker only needs to obtain the network information of the local attacking region to inject false data into smart meters in the local region without being detected by the state estimator. A heuristic algorithm is developed to determine a feasible attacking region by obtaining reduced network information. This thesis investigates the impacts of false data on the operations of power systems. It has been shown that false data can be designed by an attacker to: 1) mask the real-time topology of a power grid; 2) overload a transmission line; 3) disturb the line outage detection based on PMU data. To mitigate the risk of cyber attacks, this thesis proposes a new protection strategy, which intends to mitigate the damage effects of false data injection attacks by protecting a small set of critical measurements. To further reduce the computation complexity, a mixed integer linear programming approach is also proposed to

Comparing functionality and performance of MySQL and MariaDB database management systems

OpenAIRE

CETINSKI, TEJA

2015-01-01

MySQL je najbolj priljubljen odprtokodni sistem za upravljanje z relacijskimi bazami. Z Oraclovim prevzemom podjetja Sun in s tem MySQL so se pojavili dvomi o nadaljnjem razvoju sistema in ohranjanju njegove odprtokodnosti, kar je povzročilo pojav izpeljank sistema MySQL, ki slednjega neposredno nadomeščajo ter so vedno bolj priljubljene. V okviru diplomske naloge smo zato raziskali združljivost, funkcionalnosti in performančne izboljšave najpopularnejše od njih, MariaDB. V prvem delu naloge ...

A Bayesian model for anomaly detection in SQL databases for security systems

NARCIS (Netherlands)

Drugan, M.M.

2017-01-01

We focus on automatic anomaly detection in SQL databases for security systems. Many logs of database systems, here the Townhall database, contain detailed information about users, like the SQL queries and the response of the database. A database is a list of log instances, where each log instance is

On Cyber Attacks and Signature Based Intrusion Detection for MODBUS Based Industrial Control Systems

Directory of Open Access Journals (Sweden)

Wei Gao

2014-03-01

Full Text Available Industrial control system communication networks are vulnerable to reconnaissance, response injection, command injection, and denial of service attacks.  Such attacks can lead to an inability to monitor and control industrial control systems and can ultimately lead to system failure. This can result in financial loss for control system operators and economic and safety issues for the citizens who use these services.  This paper describes a set of 28 cyber attacks against industrial control systems which use the MODBUS application layer network protocol. The paper also describes a set of standalone and state based intrusion detection system rules which can be used to detect cyber attacks and to store evidence of attacks for post incident analysis. All attacks described in this paper were validated in a laboratory environment. The detection rate of the intrusion detection system rules presented by attack class is also presented.

Stealthy false data injection attacks using matrix recovery and independent component analysis in smart grid

Science.gov (United States)

JiWei, Tian; BuHong, Wang; FuTe, Shang; Shuaiqi, Liu

2017-05-01

Exact state estimation is vital important to maintain common operations of smart grids. Existing researches demonstrate that state estimation output could be compromised by malicious attacks. However, to construct the attack vectors, a usual presumption in most works is that the attacker has perfect information regarding the topology and so on even such information is difficult to acquire in practice. Recent research shows that Independent Component Analysis (ICA) can be used for inferring topology information which can be used to originate undetectable attacks and even to alter the price of electricity for the profits of attackers. However, we found that the above ICA-based blind attack tactics is merely feasible in the environment with Gaussian noises. If there are outliers (device malfunction and communication errors), the Bad Data Detector will easily detect the attack. Hence, we propose a robust ICA based blind attack strategy that one can use matrix recovery to circumvent the outlier problem and construct stealthy attack vectors. The proposed attack strategies are tested with IEEE representative 14-bus system. Simulations verify the feasibility of the proposed method.

Evaluation of NoSQL databases for DIRAC monitoring and beyond

Science.gov (United States)

Mathe, Z.; Casajus Ramo, A.; Stagni, F.; Tomassetti, L.

2015-12-01

Nowadays, many database systems are available but they may not be optimized for storing time series data. Monitoring DIRAC jobs would be better done using a database optimised for storing time series data. So far it was done using a MySQL database, which is not well suited for such an application. Therefore alternatives have been investigated. Choosing an appropriate database for storing huge amounts of time series data is not trivial as one must take into account different aspects such as manageability, scalability and extensibility. We compared the performance of Elasticsearch, OpenTSDB (based on HBase) and InfluxDB NoSQL databases, using the same set of machines and the same data. We also evaluated the effort required for maintaining them. Using the LHCb Workload Management System (WMS), based on DIRAC as a use case we set up a new monitoring system, in parallel with the current MySQL system, and we stored the same data into the databases under test. We evaluated Grafana (for OpenTSDB) and Kibana (for ElasticSearch) metrics and graph editors for creating dashboards, in order to have a clear picture on the usability of each candidate. In this paper we present the results of this study and the performance of the selected technology. We also give an outlook of other potential applications of NoSQL databases within the DIRAC project.

Examining database persistence of ISO/EN 13606 standardized electronic health record extracts: relational vs. NoSQL approaches.

Science.gov (United States)

Sánchez-de-Madariaga, Ricardo; Muñoz, Adolfo; Lozano-Rubí, Raimundo; Serrano-Balazote, Pablo; Castro, Antonio L; Moreno, Oscar; Pascual, Mario

2017-08-18

The objective of this research is to compare the relational and non-relational (NoSQL) database systems approaches in order to store, recover, query and persist standardized medical information in the form of ISO/EN 13606 normalized Electronic Health Record XML extracts, both in isolation and concurrently. NoSQL database systems have recently attracted much attention, but few studies in the literature address their direct comparison with relational databases when applied to build the persistence layer of a standardized medical information system. One relational and two NoSQL databases (one document-based and one native XML database) of three different sizes have been created in order to evaluate and compare the response times (algorithmic complexity) of six different complexity growing queries, which have been performed on them. Similar appropriate results available in the literature have also been considered. Relational and non-relational NoSQL database systems show almost linear algorithmic complexity query execution. However, they show very different linear slopes, the former being much steeper than the two latter. Document-based NoSQL databases perform better in concurrency than in isolation, and also better than relational databases in concurrency. Non-relational NoSQL databases seem to be more appropriate than standard relational SQL databases when database size is extremely high (secondary use, research applications). Document-based NoSQL databases perform in general better than native XML NoSQL databases. EHR extracts visualization and edition are also document-based tasks more appropriate to NoSQL database systems. However, the appropriate database solution much depends on each particular situation and specific problem.

SQL Triggers Reacting on Time Events: An Extension Proposal

Science.gov (United States)

Behrend, Andreas; Dorau, Christian; Manthey, Rainer

Being able to activate triggers at timepoints reached or after time intervals elapsed has been acknowledged by many authors as a valuable functionality of a DBMS. Recently, the interest in time-based triggers has been renewed in the context of data stream monitoring. However, up till now SQL triggers react to data changes only, even though research proposals and prototypes have been supporting several other event types, in particular time-based ones, since long. We therefore propose a seamless extension of the SQL trigger concept by time-based triggers, focussing on semantic issues arising from such an extension.

Microsoft SQL Server 2014 Business Intelligence development beginner's guide

CERN Document Server

Rad, Reza

2014-01-01

Written in an easy-to-follow, example-driven format, there are plenty of step-by-step instructions to help get you started! The book has a friendly approach, with the opportunity to learn by experimenting.If you are a BI and Data Warehouse developer new to Microsoft Business Intelligence, and looking to get a good understanding of the different components of Microsoft SQL Server for Business Intelligence, this book is for you.It's assumed that you will have some experience in databases systems and T-SQL. This book is will give you a good upshot view of each component and scenarios featuring th

Attack Detection/Isolation via a Secure Multisensor Fusion Framework for Cyberphysical Systems

Directory of Open Access Journals (Sweden)

Arash Mohammadi

2018-01-01

Full Text Available Motivated by rapid growth of cyberphysical systems (CPSs and the necessity to provide secure state estimates against potential data injection attacks in their application domains, the paper proposes a secure and innovative attack detection and isolation fusion framework. The proposed multisensor fusion framework provides secure state estimates by using ideas from interactive multiple models (IMM combined with a novel fuzzy-based attack detection/isolation mechanism. The IMM filter is used to adjust the system’s uncertainty adaptively via model probabilities by using a hybrid state model consisting of two behaviour modes, one corresponding to the ideal scenario and one associated with the attack behaviour mode. The state chi-square test is then incorporated through the proposed fuzzy-based fusion framework to detect and isolate potential data injection attacks. In other words, the validation probability of each sensor is calculated based on the value of the chi-square test. Finally, by incorporation of the validation probability of each sensor, the weights of its associated subsystem are computed. To be concrete, an integrated navigation system is simulated with three types of attacks ranging from a constant bias attack to a non-Gaussian stochastic attack to evaluate the proposed attack detection and isolation fusion framework.

Revisión Sistemática de Literatura: Inyección SQL en Aplicaciones web

Directory of Open Access Journals (Sweden)

Jesennia Iñiguez Banegas

2016-11-01

Full Text Available La inyección SQL es una vulnerabilidad de seguridad que afecta a las aplicaciones web. Esto ocurre cuando se inserta una consulta SQL (código malicioso, por medio de las entradas de una interfaz de cliente permitiendo leer y modificar la información. El presente artículo detalla el proceso de la revisión sistemática de literatura sobre estudios primarios que plantean propuestas y solución acerca de inyección SQL. Se siguió el protocolo propuesto por Bárbara Kitchenham y se revisó un total de 9 estudios de varias revistas y conferencias. Las investigaciones sobre inyecciones SQL es todavía un tema abierto, se ha obtenido propuestas para la prevención y detección de la misma. Una de ellas es Hibrid Modeling Framework que hace frente a las vulnerabilidades de inyección SQL en la fase de diseño. Las soluciones expuestas son muchas y diversas, enfocadas en la prevención y detección de vulnerabilidades de inyección SQL.

SQL Server Integration Services

CERN Document Server

Hamilton, Bill

2007-01-01

SQL Server 2005 Integration Services (SSIS) lets you build high-performance data integration solutions. SSIS solutions wrap sophisticated workflows around tasks that extract, transform, and load (ETL) data from and to a wide variety of data sources. This Short Cut begins with an overview of key SSIS concepts, capabilities, standard workflow and ETL elements, the development environment, execution, deployment, and migration from Data Transformation Services (DTS). Next, you'll see how to apply the concepts you've learned through hands-on examples of common integration scenarios. Once you've

Coupling an Unstructured NoSQL Database with a Geographic Information System

OpenAIRE

Holemans, Amandine; Kasprzyk, Jean-Paul; Donnay, Jean-Paul

2018-01-01

The management of unstructured NoSQL (Not only Structured Query Language) databases has undergone a great development in the last years mainly thanks to Big Data. Nevertheless, the specificity of spatial information is not purposely taken into account. To overcome this difficulty, we propose to couple a NoSQL database with a spatial Relational Data Base Management System (RDBMS). Exchanges of information between these two systems are illustrated with relevant examples ...

Comparison of the Frontier Distributed Database Caching System with NoSQL Databases

CERN Document Server

Dykstra, David

2012-01-01

One of the main attractions of non-relational "NoSQL" databases is their ability to scale to large numbers of readers, including readers spread over a wide area. The Frontier distributed database caching system, used in production by the Large Hadron Collider CMS and ATLAS detector projects for Conditions data, is based on traditional SQL databases but also has high scalability and wide-area distributability for an important subset of applications. This paper compares the major characteristics of the two different approaches and identifies the criteria for choosing which approach to prefer over the other. It also compares in some detail the NoSQL databases used by CMS and ATLAS: MongoDB, CouchDB, HBase, and Cassandra.

A low loss Faraday isolator for squeezed vacuum injection in Advanced LIGO

Science.gov (United States)

Goetz, Ryan; Tanner, David; Mueller, Guido

2016-03-01

Using conventional interferometry, the strain sensitivity of Advanced LIGO is limited by a quantum noise floor known as the standard quantum limit (SQL). Injecting squeezed vacuum states into the output port of the interferometer allows for detector sensitivities below the SQL at frequencies within a band of observational interest. The effectiveness of squeezing in reducing quantum noise is strongly dependent upon the optical loss in the squeezed path. Thus, to combine the squeezed vacuum state with the interferometer output we require a Faraday isolator with both high power-throughput efficiency and high isolation ratio. A prototype isolator is currently being developed, and we will discuss the design goals and current status.

Ein Elefant vergißt nicht - Erweiterte Funktionen in PostgreSQL am Beispiel der CSN Datenbank

OpenAIRE

Schreiber, Daniel

2004-01-01

PostgreSQL ist eine Open Source Datenbank, die in den letzten Jahren sehr populär geworden ist. Das Chemnitzer Studentennetz benutzt seit 1999 PostgreSQL zur Verwaltung seines Netzes. Der Vortrag zeigt erweiterte Funktionen von PostgreSQL wie Views, Rules, Stored Procedures und Trigger sowie deren Verwendung in der CSN Datenbank.

GEO/SQL in water resource manegement

Directory of Open Access Journals (Sweden)

Andrej Vidmar

1992-12-01

Full Text Available The development of water resource management concepts shouis the problem of collecting, combining, and using alphanumerical and graphical spatial data. The solution of this problem lies in the use of geographic information systems - GIS. This paper describes the usefulness of GIS programming tool Geo/SQL in water resources management.

Beginning PHP and MySQL 5 from novice to professional

CERN Document Server

Gilmore, W Jason

2006-01-01

Written for the budding web developer searching for a powerful, low-cost solution for building flexible, dynamic web sites.Essentially three books in one: provides thorough introductions to the PHP language and the MySQL database, and shows you how these two technologies can be effectively integrated to build powerful websites.Provides over 500 code examples, including real-world tasks such as creating an auto-login feature, sending HTML-formatted e-mail, testing password guessability, and uploading files via a web interface.Updated for MySQL 5, includes new chapters introducing triggers, stor

Utilidad y funcionamiento de las bases de datos NoSQL

Directory of Open Access Journals (Sweden)

Alexander Castro Romero

2013-01-01

Full Text Available Reflexiona sobre las bases de datos NoSQL, describiéndolas y analizando el porqué de su importancia y actualidad; además recopila y define algunas características de este tipo de base de datos, para revisar las taxonomías más importantes y analizar el uso conjunto de tecnologías NoSQL y relacionales, con el fin de proporcionar un punto de partida para los trabajos en esta área por parte de investigadores.

Comparison of the Frontier Distributed Database Caching System to NoSQL Databases

Energy Technology Data Exchange (ETDEWEB)

Dykstra, Dave [Fermilab

2012-07-20

One of the main attractions of non-relational NoSQL databases is their ability to scale to large numbers of readers, including readers spread over a wide area. The Frontier distributed database caching system, used in production by the Large Hadron Collider CMS and ATLAS detector projects for Conditions data, is based on traditional SQL databases but also adds high scalability and the ability to be distributed over a wide-area for an important subset of applications. This paper compares the major characteristics of the two different approaches and identifies the criteria for choosing which approach to prefer over the other. It also compares in some detail the NoSQL databases used by CMS and ATLAS: MongoDB, CouchDB, HBase, and Cassandra.

Extensão do SGBD PostgreSQL para suportar recuperação de imagens por conteúdo

OpenAIRE

Melo, Ernani Viriato de

2006-01-01

Este projeto descreve uma extensão para o SGBDR PostgreSQL para suportar recuperação de imagens por conteúdo. Esta extensão, denominada PostgreSQL-IE, é independente de aplicação e possui as vantagens de ser portável e de ter o código aberto. A linguagem SQL estendida (SQL-IE), disponibilizada pelo PostgreSQL-IE, é composta por um conjunto de funções que inclui comandos para criar novas funções de extração do conteúdo das imagens, novos vetores de características com uma combin...

PENERAPAN HIRARKI DATA SQL DALAM MULTI LEVEL MARKETING

Directory of Open Access Journals (Sweden)

Sendi Novianto

2012-05-01

Full Text Available Sebagian besar pengguna pada satu waktu pasti pernah berurusan dengan hirarki data dalam database SQL dan tidak diragukan lagi belajar bahwa pengelolaan data hirarkis bukanlah apa yang dimaksudkan oleh database relasional. Tabel database relasional tidaklah hirarkis (seperti XML, tetapi hanya sebuah daftar. Data hirarkis memiliki hubungan parents-child yang tidak biasanya direpresentasikan dalam tabel database relasional. Multi Level Marketing (MLM merupakan suatu strategi pemasaran di mana tenaga penjualan mendapatkan kompensasi tidak hanya untuk penjualan tapi, tetapi juga untuk penjualan orang lain yang mereka rekrut, menciptakan suatu downline distributor dan hirarki dari berbagai tingkat kompensasi. Istilah lainnya untuk MLM termasuk jaringan pemasaran, penjualan dan pemasaran piramida rujukan. Data Hirarki penting di MLM untuk melacak catatan aktivitas penjualan, sehingga mereka dapat termotivasi setiap saat. Kata kunci : MLM, hirarki data, SQL, marketing.

Impact of Cyber Attacks on High Voltage DC Transmission Damping Control

Directory of Open Access Journals (Sweden)

Rui Fan

2018-04-01

Full Text Available Hybrid AC/HVDC (AC-HVDC grids have evolved to become huge cyber-physical systems that are vulnerable to cyber attacks because of the wide attack surface and increasing dependence on intelligent electronic devices, computing resources and communication networks. This paper, for the first time, studies the impact of cyber attacks on HVDC transmission oscillation damping control.Three kinds of cyber attack models are considered: timing attack, replay attack and false data injection attack. Followed by a brief introduction of the HVDC model and conventional oscillation damping control method, the design of three attack models is described in the paper. These attacks are tested on a modified IEEE New England 39-Bus AC-HVDC system. Simulation results have shown that all three kinds of attacks are capable of driving the AC-HVDC system into large oscillations or even unstable conditions.

An SQL-based approach to physics analysis

International Nuclear Information System (INIS)

Limper, Dr Maaike

2014-01-01

As part of the CERN openlab collaboration a study was made into the possibility of performing analysis of the data collected by the experiments at the Large Hadron Collider (LHC) through SQL-queries on data stored in a relational database. Currently LHC physics analysis is done using data stored in centrally produced 'ROOT-ntuple' files that are distributed through the LHC computing grid. The SQL-based approach to LHC physics analysis presented in this paper allows calculations in the analysis to be done at the database and can make use of the database's in-built parallelism features. Using this approach it was possible to reproduce results for several physics analysis benchmarks. The study shows the capability of the database to handle complex analysis tasks but also illustrates the limits of using row-based storage for storing physics analysis data, as performance was limited by the I/O read speed of the system.

Query containment in entity SQL

OpenAIRE

Rull Fort, Guillem; Bernstein, Philip A.; Garcia dos Santos, Ivo; Katsis, Yannis; Melnik, Sergey; Teniente López, Ernest

2013-01-01

We describe a software architecture we have developed for a constructive containment checker of Entity SQL queries defined over extended ER schemas expressed in Microsoft's Entity Data Model. Our application of interest is compilation of object-to-relational mappings for Microsoft's ADO.NET Entity Framework, which has been shipping since 2007. The supported language includes several features which have been individually addressed in the past but, to the best of our knowledge, they have not be...

Mastering SQL Server 2014 data mining

CERN Document Server

Bassan, Amarpreet Singh

2014-01-01

If you are a developer who is working on data mining for large companies and would like to enhance your knowledge of SQL Server Data Mining Suite, this book is for you. Whether you are brand new to data mining or are a seasoned expert, you will be able to master the skills needed to build a data mining solution.

Force sensing based on coherent quantum noise cancellation in a hybrid optomechanical cavity with squeezed-vacuum injection

Science.gov (United States)

Motazedifard, Ali; Bemani, F.; Naderi, M. H.; Roknizadeh, R.; Vitali, D.

2016-07-01

We propose and analyse a feasible experimental scheme for a quantum force sensor based on the elimination of backaction noise through coherent quantum noise cancellation (CQNC) in a hybrid atom-cavity optomechanical setup assisted with squeezed vacuum injection. The force detector, which allows for a continuous, broadband detection of weak forces well below the standard quantum limit (SQL), is formed by a single optical cavity simultaneously coupled to a mechanical oscillator and to an ensemble of ultracold atoms. The latter acts as a negative-mass oscillator so that atomic noise exactly cancels the backaction noise from the mechanical oscillator due to destructive quantum interference. Squeezed vacuum injection enforces this cancellation and allows sub-SQL sensitivity to be reached in a very wide frequency band, and at much lower input laser powers.

Force sensing based on coherent quantum noise cancellation in a hybrid optomechanical cavity with squeezed-vacuum injection

International Nuclear Information System (INIS)

Motazedifard, Ali; Bemani, F; Naderi, M H; Roknizadeh, R; Vitali, D

2016-01-01

We propose and analyse a feasible experimental scheme for a quantum force sensor based on the elimination of backaction noise through coherent quantum noise cancellation (CQNC) in a hybrid atom-cavity optomechanical setup assisted with squeezed vacuum injection. The force detector, which allows for a continuous, broadband detection of weak forces well below the standard quantum limit (SQL), is formed by a single optical cavity simultaneously coupled to a mechanical oscillator and to an ensemble of ultracold atoms. The latter acts as a negative-mass oscillator so that atomic noise exactly cancels the backaction noise from the mechanical oscillator due to destructive quantum interference. Squeezed vacuum injection enforces this cancellation and allows sub-SQL sensitivity to be reached in a very wide frequency band, and at much lower input laser powers. (paper)

Evaluation of NoSQL databases for DIRAC monitoring and beyond

CERN Document Server

Mathe, Z; Stagni, F; Tomassetti, L

2015-01-01

Nowadays, many database systems are available but they may not be optimized for storing time series data. Monitoring DIRAC jobs would be better done using a database optimised for storing time series data. So far it was done using a MySQL database, which is not well suited for such an application. Therefore alternatives have been investigated. Choosing an appropriate database for storing huge amounts of time series data is not trivial as one must take into account different aspects such as manageability, scalability and extensibility. We compared the performance of Elasticsearch, OpenTSDB (based on HBase) and InfluxDB NoSQL databases, using the same set of machines and the same data. We also evaluated the effort required for maintaining them. Using the LHCb Workload Management System (WMS), based on DIRAC as a use case we set up a new monitoring system, in parallel with the current MySQL system, and we stored the same data into the databases under test. We evaluated Grafana (for OpenTSDB) and Kibana (for Elas...

Application of MySQL in instantaneous profile gauge system

International Nuclear Information System (INIS)

Guo Xiaojing; Miao Jichen; Wu Zhifang

2011-01-01

As equipment in the hot rolling plate plant for online measurement of strip steel, the instantaneous profile gauge is used to measure instant crown of hot rolling strips and feed back the crown to the rolling mill to adjust strip profile. During the measurement, a large amount of data need to be stored reasonably for query, display, computation and other processing, while a database management software can make it happen. Based on such features of MySQL as small size, fast speed, low cost and open source codes, a database function was implemented in the instantaneous profile gauge for data storage, query and maintenance, by applying MySQL database management system and integrating with the control interface. (authors)

Application distribution model and related security attacks in VANET

Science.gov (United States)

Nikaein, Navid; Kanti Datta, Soumya; Marecar, Irshad; Bonnet, Christian

2013-03-01

In this paper, we present a model for application distribution and related security attacks in dense vehicular ad hoc networks (VANET) and sparse VANET which forms a delay tolerant network (DTN). We study the vulnerabilities of VANET to evaluate the attack scenarios and introduce a new attacker`s model as an extension to the work done in [6]. Then a VANET model has been proposed that supports the application distribution through proxy app stores on top of mobile platforms installed in vehicles. The steps of application distribution have been studied in detail. We have identified key attacks (e.g. malware, spamming and phishing, software attack and threat to location privacy) for dense VANET and two attack scenarios for sparse VANET. It has been shown that attacks can be launched by distributing malicious applications and injecting malicious codes to On Board Unit (OBU) by exploiting OBU software security holes. Consequences of such security attacks have been described. Finally, countermeasures including the concepts of sandbox have also been presented in depth.

Proceso de réplica de datos con Microsoft SQL Server para el Replicador de Datos Reko

OpenAIRE

Martín Peña, Nayibi; Martín Mata, Marcos Manuel; Labrada Quiala, Richel; Leyva Jerez, Gloria Raquel

2016-01-01

RESUMEN El Replicador de Datos Reko pretende cubrir las principales necesidades relacionadas con la distribución de datos entre los gestores de bases de datos más populares como PostgreSQL, MySQL y Oracle, pero no contaba con un mecanismo que resolviera la replicación de datos con Microsoft SQL Server. Cuando se deseaba replicar datos con Microsoft SQL Server haciendo uso del Replicador de Datos Reko se hacía necesaria la utilización de métodos tradicionales de distribución de datos, lo que c...

NoSQL technologies for the CMS Conditions Database

Science.gov (United States)

Sipos, Roland

2015-12-01

With the restart of the LHC in 2015, the growth of the CMS Conditions dataset will continue, therefore the need of consistent and highly available access to the Conditions makes a great cause to revisit different aspects of the current data storage solutions. We present a study of alternative data storage backends for the Conditions Databases, by evaluating some of the most popular NoSQL databases to support a key-value representation of the CMS Conditions. The definition of the database infrastructure is based on the need of storing the conditions as BLOBs. Because of this, each condition can reach the size that may require special treatment (splitting) in these NoSQL databases. As big binary objects may be problematic in several database systems, and also to give an accurate baseline, a testing framework extension was implemented to measure the characteristics of the handling of arbitrary binary data in these databases. Based on the evaluation, prototypes of a document store, using a column-oriented and plain key-value store, are deployed. An adaption layer to access the backends in the CMS Offline software was developed to provide transparent support for these NoSQL databases in the CMS context. Additional data modelling approaches and considerations in the software layer, deployment and automatization of the databases are also covered in the research. In this paper we present the results of the evaluation as well as a performance comparison of the prototypes studied.

Mocking in Oracle PL/SQL

CERN Multimedia

CERN. Geneva

2015-01-01

Testing is not very popular in database development, so there are none common approaches how to test software written in database. Surprisingly one of the oldest DB still lacks of appropriate testing approach for its PL/SQL programs. SQLDeveloper's built-in test "framework" is far from excellence, especially it does not cover mocking which is inherent part of testing for any bigger system being developed. This talk will briefly introduce Edition-Based Redefinition by Oracle to be used for mocking.

Implementing CBM: SQL-Tutor after Fifteen Years

Science.gov (United States)

Mitrovic, Antonija; Ohlsson, Stellan

2016-01-01

SQL-Tutor is the first constraint-based tutor. The initial conference papers about the system were published in 1998 (Mitrovic 1998a, 1998b, 1998c), with an "IJAIED" paper published in 1999 (Mitrovic and Ohlsson, "International Journal Artificial Intelligence in Education," 10(3-4), 238-256, 1999). We published another…

Comparing MongoDB to SQL Server, Replicated

NARCIS (Netherlands)

K. Azizi

2014-01-01

htmlabstractParker et al [1] studied the performance difference between MongoDB and Microsoft SQL Server on basis of a number of insert, update and select scenarios. As the result of their study, they conclude that MongoDB has got a better performance when it comes to insert, update and simple

Microsoft SQL Server 2012 administration real-world skills for MCSA certification and beyond (exams 70-461, 70-462, and 70-463)

CERN Document Server

Carpenter, Tom

2013-01-01

Implement, maintain, and repair SQL Server 2012 databases As the most significant update since 2008, Microsoft SQL Server 2012 boasts updates and new features that are critical to understand. Whether you manage and administer SQL Server 2012 or are planning to get your MCSA: SQL Server 2012 certification, this book is the perfect supplement to your learning and preparation. From understanding SQL Server's roles to implementing business intelligence and reporting, this practical book explores tasks and scenarios that a working SQL Server DBA faces regularly and shows you step by ste

Creating a Data Warehouse using SQL Server

DEFF Research Database (Denmark)

Sørensen, Jens Otto; Alnor, Karl

1999-01-01

In this paper we construct a Star Join Schema and show how this schema can be created using the basic tools delivered with SQL Server 7.0. Major objectives are to keep the operational database unchanged so that data loading can be done with out disturbing the business logic of the operational...

The Microsoft Data Warehouse Toolkit With SQL Server 2008 R2 and the Microsoft Business Intelligence Toolset

CERN Document Server

Mundy, Joy; Kimball, Ralph

2011-01-01

Best practices and invaluable advice from world-renowned data warehouse expertsIn this book, leading data warehouse experts from the Kimball Group share best practices for using the upcoming "Business Intelligence release" of SQL Server, referred to as SQL Server 2008 R2. In this new edition, the authors explain how SQL Server 2008 R2 provides a collection of powerful new tools that extend the power of its BI toolset to Excel and SharePoint users and they show how to use SQL Server to build a successful data warehouse that supports the business intelligence requirements that are common to most

Subclinical endophthalmitis following a rooster attack.

Science.gov (United States)

Lekse Kovach, Jaclyn; Maguluri, Srilakshmi; Recchia, Franco M

2006-12-01

Ocular injury resulting from rooster attacks is rarely reported in the literature. Sadly, the target of these attacks is most often children younger than 3 years old, whose naiveté of the aggressive, territorial behavior of birds can place them at risk. Acute sequelae of these attacks can result in a lifetime of visual impairment. The possibility of a subacute or occult infection is an unusual occurrence that must always be considered. In an effort to prevent future attacks and ocular casualties, we present a case of a 12-month-old boy who suffered an open globe following a rooster attack. The open globe was emergently repaired. One week later, a white cataract was noticed on examination in the absence of systemic or ocular signs of inflammation. Traumatic endophthalmitis and lenticular abscess were suspected during examination under anesthesia. Vitrectomy, lensectomy, and injection of intravitreal antibiotics were performed. Culture of lenticular and vitreous aspirates grew alpha-streptococcus. Alpha-streptococcal endophthalmitis can result from ocular injuries caused by rooster pecking. The infection may present insidiously and without typical ocular or systemic symptoms or signs. Management is challenging and may require surgery.

Cavitating flow control through continuous tangential mass injection on a 2D hydrofoil at a small attack angle

Directory of Open Access Journals (Sweden)

Timoshevskiy Mikhail V.

2016-01-01

Full Text Available We studied cavitating flow over the suction side of a symmetric 2D foil – a scaled-down model of high-pressure hydroturbine guide vanes (GV – in different cavitation regimes at the attack angle of 3°. High-speed imaging was used to analyze spatial patterns and time dynamics of the gas-vapour cavities. A hydroacoustic pressure transducer was employed to register time-spectra of pressure fluctuations nearby the hydrofoil. A PIV technique was applied to measure the velocity fields and its fluctuations. The active flow control was implemented by means of a continuous liquid supply with different flow rates through a slot channel located in the GV surface. It was found that the active mass injection does not influence the primary flow upstream of the slot channel position. For the cavitation-free and cavitation inception cases, the injection was shown to make the turbulent wake past the GV section more intense. However, at the developed cavitation regimes the active flow management made it possible to reduce substantially the amplitude or even totally suppress the periodic cavity length oscillations and pressure pulsations associated with them.

PERANGKAT BANTU UNTUK OPTIMASI QUERY PADA ORACLE DENGAN RESTRUKTURISASI SQL

Directory of Open Access Journals (Sweden)

Darlis Heru Murti

2006-07-01

Full Text Available Query merupakan bagian dari bahasa pemrograman SQL (Structured Query Language yang berfungsi untuk mengambil data (read dalam DBMS (Database Management System, termasuk Oracle [3]. Pada Oracle, ada tiga tahap proses yang dilakukan dalam pengeksekusian query, yaitu Parsing, Execute dan Fetch. Sebelum proses execute dijalankan, Oracle terlebih dahulu membuat execution plan yang akan menjadi skenario dalam proses excute.Dalam proses pengeksekusian query, terdapat faktor-faktor yang mempengaruhi kinerja query, di antaranya access path (cara pengambilan data dari sebuah tabel dan operasi join (cara menggabungkan data dari dua tabel. Untuk mendapatkan query dengan kinerja optimal, maka diperlukan pertimbangan-pertimbangan dalam menyikapi faktor-faktor tersebut.  Optimasi query merupakan suatu cara untuk mendapatkan query dengan kinerja seoptimal mungkin, terutama dilihat dari sudut pandang waktu. Ada banyak metode untuk mengoptimasi query, tapi pada Penelitian ini, penulis membuat sebuah aplikasi untuk mengoptimasi query dengan metode restrukturisasi SQL statement. Pada metode ini, objek yang dianalisa adalah struktur klausa yang membangun sebuah query. Aplikasi ini memiliki satu input dan lima jenis output. Input dari aplikasi ini adalah sebuah query sedangkan kelima jenis output aplikasi ini adalah berupa query hasil optimasi, saran perbaikan, saran pembuatan indeks baru, execution plan dan data statistik. Cara kerja aplikasi ini dibagi menjadi empat tahap yaitu mengurai query menjadi sub query, mengurai query per-klausa, menentukan access path dan operasi join dan restrukturisasi query.Dari serangkaian ujicoba yang dilakukan penulis, aplikasi telah dapat berjalan sesuai dengan tujuan pembuatan Penelitian ini, yaitu mendapatkan query dengan kinerja optimal.Kata Kunci : Query, SQL, DBMS, Oracle, Parsing, Execute, Fetch, Execution Plan, Access Path, Operasi Join, Restrukturisasi SQL statement.

Microsoft® SQL Server® 2008 Analysis Services Step by Step

CERN Document Server

Cameron, Scott

2009-01-01

Teach yourself to use SQL Server 2008 Analysis Services for business intelligence-one step at a time. You'll start by building your understanding of the business intelligence platform enabled by SQL Server and the Microsoft Office System, highlighting the role of Analysis Services. Then, you'll create a simple multidimensional OLAP cube and progressively add features to help improve, secure, deploy, and maintain an Analysis Services database. You'll explore core Analysis Services 2008 features and capabilities, including dimension, cube, and aggregation design wizards; a new attribute relatio

Life in extra dimensions of database world or penetration of NoSQL in HEP community

International Nuclear Information System (INIS)

Kuznetsov, V; Evans, D; Metson, S

2012-01-01

The recent buzzword in IT world is NoSQL. Major players, such as Facebook, Yahoo, Google, etc. are widely adopted different “NoSQL” solutions for their needs. Horizontal scalability, flexible data model and management of big data volumes are only a few advantages of NoSQL. In CMS experiment we use several of them in production environment. Here, we present CMS projects based on NoSQL solutions, their strengths and weaknesses as well as our experience with those tools and their coexistence with standard RDBMS solutions in our applications.

Life in extra dimensions of database world or penetration of NoSQL in HEP community

Science.gov (United States)

Kuznetsov, V.; Evans, D.; Metson, S.

2012-12-01

The recent buzzword in IT world is NoSQL. Major players, such as Facebook, Yahoo, Google, etc. are widely adopted different “NoSQL” solutions for their needs. Horizontal scalability, flexible data model and management of big data volumes are only a few advantages of NoSQL. In CMS experiment we use several of them in production environment. Here, we present CMS projects based on NoSQL solutions, their strengths and weaknesses as well as our experience with those tools and their coexistence with standard RDBMS solutions in our applications.

Hardware Acceleration of SQL-Queries Processing in MDM-Systems Based on MISDSolution

Directory of Open Access Journals (Sweden)

V. E. Podol'skii

2015-01-01

Full Text Available In this article we examine the possibility of hardware support for functions of mobile device management platform (MDM-platform using a Multiple Instructions and Single Data stream computer system, developed within the framework of the project in Bauman Moscow State Technical University. At the universities the MDM-platform is used to provide various mobile services for the faculty, students and administration to facilitate the learning process: a mobile schedule, document sharing, text messages, and other interactive activities. Most of these services are provided by the extensive use of data stored in MDM-platform databases. When accessing the databases SQL- queries are commonly used. These queries comprise operators of SQL-language that are based on mathematical sets theory. Hardware support for operations on sets is implemented in Multiple Instructions and Single Data stream computer system (MISD System. This allows performance improvement of algorithms and operations on sets. Thus, the hardware support for the processing of SQL-queries in MISD system allows us to benefit from the implementation of SQL-queries in the MISD paradigm.The scientific novelty of the work lies in the fact that it is the first time a set of algorithms for basic SQL statements has been presented in a format supported by MISD system. In addition, for the first time operators INNER JOIN, LEFT JOIN and LEFT OUTER JOIN have been implemented for MISD system and tested for it (testing was done for FPGA Xilinx Virtex-II Pro XC2VP30 implementation of MISD system. The practical significance of the work lies in the fact that the results of the study will be used in the project "Development of the Russian analogue of the system software for centralized management of personal devices and platforms in enterprise networks" of the St. Petersburg Polytechnic University (with the financial support of the state represented by the Ministry of Education and Science of the Russian

Extending SQL to Support Privacy Policies

Science.gov (United States)

Ghazinour, Kambiz; Pun, Sampson; Majedi, Maryam; Chinaci, Amir H.; Barker, Ken

Increasing concerns over Internet applications that violate user privacy by exploiting (back-end) database vulnerabilities must be addressed to protect both customer privacy and to ensure corporate strategic assets remain trustworthy. This chapter describes an extension onto database catalogues and Structured Query Language (SQL) for supporting privacy in Internet applications, such as in social networks, e-health, e-governmcnt, etc. The idea is to introduce new predicates to SQL commands to capture common privacy requirements, such as purpose, visibility, generalization, and retention for both mandatory and discretionary access control policies. The contribution is that corporations, when creating the underlying databases, will be able to define what their mandatory privacy policies arc with which all application users have to comply. Furthermore, each application user, when providing their own data, will be able to define their own privacy policies with which other users have to comply. The extension is supported with underlying catalogues and algorithms. The experiments demonstrate a very reasonable overhead for the extension. The result is a low-cost mechanism to create new systems that arc privacy aware and also to transform legacy databases to their privacy-preserving equivalents. Although the examples arc from social networks, one can apply the results to data security and user privacy of other enterprises as well.

The development of an electronic business based on the MySQL technology

Directory of Open Access Journals (Sweden)

Andreea IONESCU

2011-09-01

Full Text Available This article aims to demonstrate the importance of using relational database management system in working with web applications. We chose MySQL technology like representative relational database management system because has: portability, scalability, speed, is easy to use, is open source, is widely used by web developers and provides good security. We watched the analysis of an electronic business. We also presented the technologies that we have used: PHP, MySQL, HTML, CSS.

SQL Server 2012 reporting services blueprints

CERN Document Server

Ribunal, Marlon

2013-01-01

Follow the fictional John Kirkland through a series of real-world reporting challenges based on actual business conditions. Use his detailed blueprints to develop your own reports for every requirement.This book is for report developers, data analysts, and database administrators struggling to master the complex world of effective reporting in SQL Server 2012. Knowledge of how data sources and data sets work will greatly help readers to speed through the tutorials.

NoSQL Databases for RDF: An Empirical Evaluation

NARCIS (Netherlands)

Cudré-Mauroux, P.; Enchev, I.; Fundatureanu, S.; Groth, P.T.; Haque, A.; Harth, A.; Keppmann, F. L.; Miranker, D.; Sequeda, J.; Wylot, M.

2013-01-01

Processing large volumes of RDF data requires sophisticated tools. In recent years, much effort was spent on optimizing native RDF stores and on repurposing relational query engines for large-scale RDF processing. Concurrently, a number of new data management systems-regrouped under the NoSQL (for

NoSQL technologies for the CMS Conditions Database

CERN Document Server

Sipos, Roland

2015-01-01

With the restart of the LHC in 2015, the growth of the CMS Conditions dataset will continue, therefore the need of consistent and highly available access to the Conditions makes a great cause to revisit different aspects of the current data storage solutions.We present a study of alternative data storage backends for the Conditions Databases, by evaluating some of the most popular NoSQL databases to support a key-value representation of the CMS Conditions. An important detail about the Conditions that the payloads are stored as BLOBs, and they can reach sizes that may require special treatment (splitting) in these NoSQL databases. As big binary objects may be a bottleneck in several database systems, and also to give an accurate baseline, a testing framework extension was implemented to measure the characteristics of the handling of arbitrary binary data in these databases. Based on the evaluation, prototypes of a document store, using a column-oriented and plain key-value store, are deployed. An adaption l...

UN VIAJE A TRAVÉS DE BASES DE DATOS ESPACIALES NoSQL

Directory of Open Access Journals (Sweden)

Helio Henry Ramírez Arévalo

2013-03-01

Full Text Available Actualmente, aunque las bases de datos relacionales son utilizadas con éxito para diferentes tipos de escenarios y datos, el concepto NoSQL se escucha con fuerza, a pesar de todas las ventajas que puede ofrecer el modelo relacional, los cuales, a través de su almacén de tuplas y con habilidades de actualización, recuperación de información y estabilidad, pueden complementarse sobre cualquier sistema con gran eficiencia. En este artículo se presenta una revisión global de lo hoy conocido como tendencia NoSQL, analizando sus ventajas en implementaciones de tipo espacial y geográfico. Como objetivo final de este artículo se plantea la identificación de elementos de análisis al momento de desarrollar sistemas espaciales, que le permita al lector identificar si NoSQL es una buena opción como modelo a implementar.

JST Thesaurus Headwords and Synonyms: SQL [MeCab user dictionary for science technology term[Archive

Lifescience Database Archive (English)

Full Text Available MeCab user dictionary for science technology term SQL 名詞 一般 * * * * ＳＱＬ【ソフトウェア】 ＳＱＬ エスキューエル Thesaurus2015 200906011326277027 C EG01 UNKNOWN_1 SQL

Analysis and comparison of NoSQL databases with an introduction to consistent references in big data storage systems

Science.gov (United States)

Dziedzic, Adam; Mulawka, Jan

2014-11-01

NoSQL is a new approach to data storage and manipulation. The aim of this paper is to gain more insight into NoSQL databases, as we are still in the early stages of understanding when to use them and how to use them in an appropriate way. In this submission descriptions of selected NoSQL databases are presented. Each of the databases is analysed with primary focus on its data model, data access, architecture and practical usage in real applications. Furthemore, the NoSQL databases are compared in fields of data references. The relational databases offer foreign keys, whereas NoSQL databases provide us with limited references. An intermediate model between graph theory and relational algebra which can address the problem should be created. Finally, the proposal of a new approach to the problem of inconsistent references in Big Data storage systems is introduced.

Security attack detection algorithm for electric power gis system based on mobile application

Science.gov (United States)

Zhou, Chao; Feng, Renjun; Wang, Liming; Huang, Wei; Guo, Yajuan

2017-05-01

Electric power GIS is one of the key information technologies to satisfy the power grid construction in China, and widely used in power grid construction planning, weather, and power distribution management. The introduction of electric power GIS based on mobile applications is an effective extension of the geographic information system that has been widely used in the electric power industry. It provides reliable, cheap and sustainable power service for the country. The accurate state estimation is the important conditions to maintain the normal operation of the electric power GIS. Recent research has shown that attackers can inject the complex false data into the power system. The injection attack of this new type of false data (load integrity attack LIA) can successfully bypass the routine detection to achieve the purpose of attack, so that the control center will make a series of wrong decision. Eventually, leading to uneven distribution of power in the grid. In order to ensure the safety of the electric power GIS system based on mobile application, it is very important to analyze the attack mechanism and propose a new type of attack, and to study the corresponding detection method and prevention strategy in the environment of electric power GIS system based on mobile application.

Write Python instead of SQL - an introduction to SQLAlchemy.

CERN Multimedia

CERN. Geneva

2016-01-01

SQLAlchemy is the most popular ORM and SQL abstraction layer for Python and used by multiple big projects at CERN such as Indico or Invenio. In my talk I'm going to give a short introduction on how to use it.

Integrasi Algoritma K-Means Dengan Bahasa SQL Untuk Klasterisasi IPK Mahasiswa (Studi Kasus: Fakultas Ilmu Komputer Universitas Brawijaya

Directory of Open Access Journals (Sweden)

Issa Arwani

2015-07-01

Abstract Generally, clustering implemented with taking data from database to be stored temporarily in a program variable (eg, in an array then continue with clustering process.Directclustering where the data is storedby integrating the clustering algorithm using the SQL language on the DBMS is proposed.In this study focused on the design and implementation of K-means clustering algorithm on a Relational DBMS using the SQL language. The clustering process carried out with a case study of GPA student in the Faculty of Computer Science University of Brawijaya.Based on results with a variety of dimensions, the number of clusters and different distance calculation methods, has obtained clustering data correctly. Based on time complexity to review each stage of the implementation K - means using SQL and without SQL, showing the same results of asymptotic time complexity where phase euclidean distance still requires the highest time complexity. Keywords: Clustering, K-means, SQL, GPA (Grade Point Average

MySQL based selection of appropriate indexing technique in ...

African Journals Online (AJOL)

Administrator

Keywords: B-tree indexing, MySQL, Support vector machine, Smart card. 1. ..... SVM are strong classifiers in the field of machine learning and we will be using ..... We acknowledge Mr. Abhishek Roy, student of NIT Surathkal for his help in the ...

Deploying Crowd-Sourced Formal Verification Systems in a DoD Network

Science.gov (United States)

2013-09-01

which are bad data traffic, exploits about mysql , sql injection, web attacks, DDoS, flash, chat and browser vulnerabilities. The Snort rules on CSFV...3.16-2.el6 @base java -1.5.0-gcj.x86_64 1.5.0.0-29.1.el6 @base...2.7.6-12.el6_4.1 @updates libxml2-python.x86_64 2.7.6-12.el6_4.1 @updates mysql

High dimensional biological data retrieval optimization with NoSQL technology

Science.gov (United States)

2014-01-01

Background High-throughput transcriptomic data generated by microarray experiments is the most abundant and frequently stored kind of data currently used in translational medicine studies. Although microarray data is supported in data warehouses such as tranSMART, when querying relational databases for hundreds of different patient gene expression records queries are slow due to poor performance. Non-relational data models, such as the key-value model implemented in NoSQL databases, hold promise to be more performant solutions. Our motivation is to improve the performance of the tranSMART data warehouse with a view to supporting Next Generation Sequencing data. Results In this paper we introduce a new data model better suited for high-dimensional data storage and querying, optimized for database scalability and performance. We have designed a key-value pair data model to support faster queries over large-scale microarray data and implemented the model using HBase, an implementation of Google's BigTable storage system. An experimental performance comparison was carried out against the traditional relational data model implemented in both MySQL Cluster and MongoDB, using a large publicly available transcriptomic data set taken from NCBI GEO concerning Multiple Myeloma. Our new key-value data model implemented on HBase exhibits an average 5.24-fold increase in high-dimensional biological data query performance compared to the relational model implemented on MySQL Cluster, and an average 6.47-fold increase on query performance on MongoDB. Conclusions The performance evaluation found that the new key-value data model, in particular its implementation in HBase, outperforms the relational model currently implemented in tranSMART. We propose that NoSQL technology holds great promise for large-scale data management, in particular for high-dimensional biological data such as that demonstrated in the performance evaluation described in this paper. We aim to use this new data

High dimensional biological data retrieval optimization with NoSQL technology.

Science.gov (United States)

Wang, Shicai; Pandis, Ioannis; Wu, Chao; He, Sijin; Johnson, David; Emam, Ibrahim; Guitton, Florian; Guo, Yike

2014-01-01

High-throughput transcriptomic data generated by microarray experiments is the most abundant and frequently stored kind of data currently used in translational medicine studies. Although microarray data is supported in data warehouses such as tranSMART, when querying relational databases for hundreds of different patient gene expression records queries are slow due to poor performance. Non-relational data models, such as the key-value model implemented in NoSQL databases, hold promise to be more performant solutions. Our motivation is to improve the performance of the tranSMART data warehouse with a view to supporting Next Generation Sequencing data. In this paper we introduce a new data model better suited for high-dimensional data storage and querying, optimized for database scalability and performance. We have designed a key-value pair data model to support faster queries over large-scale microarray data and implemented the model using HBase, an implementation of Google's BigTable storage system. An experimental performance comparison was carried out against the traditional relational data model implemented in both MySQL Cluster and MongoDB, using a large publicly available transcriptomic data set taken from NCBI GEO concerning Multiple Myeloma. Our new key-value data model implemented on HBase exhibits an average 5.24-fold increase in high-dimensional biological data query performance compared to the relational model implemented on MySQL Cluster, and an average 6.47-fold increase on query performance on MongoDB. The performance evaluation found that the new key-value data model, in particular its implementation in HBase, outperforms the relational model currently implemented in tranSMART. We propose that NoSQL technology holds great promise for large-scale data management, in particular for high-dimensional biological data such as that demonstrated in the performance evaluation described in this paper. We aim to use this new data model as a basis for migrating

Privacy Leaks through Data Hijacking Attack on Mobile Systems

Directory of Open Access Journals (Sweden)

Zhang Daojuan

2017-01-01

Full Text Available To persistently eavesdrop on the mobile devices, attackers may obtain the elevated privilege and inject malicious modules into the user devices. Unfortunately, the attackers may not be able to obtain the privilege for a long period of time since the exploitable vulnerabilities may be fixed or the malware may be removed. In this paper, we propose a new data hijacking attack for the mobile apps. By employing the proposed method, the attackers are only required to obtain the root privilege of the user devices once, and they can persistently eavesdrop without any change to the original device. Specifically, we design a new approach to construct a shadow system by hijacking user data files. In the shadow system, attackers possess the identical abilities to the victims. For instance, if a victim has logged into the email app, the attacker can also access the email server in the shadow system without authentication in a long period of time. Without reauthentication of the app, it is difficult for victims to notice the intrusion since the whole eavesdropping is performed on other devices (rather than the user devices. In our experiments, we evaluate the effectiveness of the proposed attack and the result demonstrates that even the Android apps released by the top developers cannot resist this attack. Finally, we discuss some approaches to defend the proposed attack.

SolveDB: Integrating Optimization Problem Solvers Into SQL Databases

DEFF Research Database (Denmark)

Siksnys, Laurynas; Pedersen, Torben Bach

2016-01-01

for optimization problems, (2) an extensible infrastructure for integrating different solvers, and (3) query optimization techniques to achieve the best execution performance and/or result quality. Extensive experiments with the PostgreSQL-based implementation show that SolveDB is a versatile tool offering much...

Comparison of the Frontier Distributed Database Caching System with NoSQL Databases

CERN Multimedia

CERN. Geneva

2012-01-01

Non-relational "NoSQL" databases such as Cassandra and CouchDB are best known for their ability to scale to large numbers of clients spread over a wide area. The Frontier distributed database caching system, used in production by the Large Hadron Collider CMS and ATLAS detector projects, is based on traditional SQL databases but also has the same high scalability and wide-area distributability for an important subset of applications. This paper compares the architectures, behavior, performance, and maintainability of the two different approaches and identifies the criteria for choosing which approach to prefer over the other.

SQL serverių efektyvumo tyrimai vidutinių duomenų bazių projektuose

OpenAIRE

Jakšta, Deividas

2007-01-01

Atliekant duomenų bazės projektavimo darbus visuomet yra svarbu žinoti ar pasirinkta sistema veiks taip kaip tikimasi. Šio darbo tikslas sukurti SQL serverių testavimo įrankį, kuris padės renkantis vienokią ar kitokią sistemą. Darbe išanalizuoti panašūs projektai, įvertinti tų projektų privalumai bei trūkumai. Making a data base project always important to know - do the system will work properly. The main point of this job is to create the test system of SQL servers (or DBMS – Data Bases M...

Data Processing Languages for Business Intelligence. SQL vs. R

Directory of Open Access Journals (Sweden)

Marin FOTACHE

2016-01-01

Full Text Available As data centric approach, Business Intelligence (BI deals with the storage, integration, processing, exploration and analysis of information gathered from multiple sources in various formats and volumes. BI systems are generally synonymous to costly, complex platforms that require vast organizational resources. But there is also an-other face of BI, that of a pool of data sources, applications, services developed at different times using different technologies. This is “democratic” BI or, in some cases, “fragmented”, “patched” (or “chaotic” BI. Fragmentation creates not only integration problems, but also supports BI agility as new modules can be quickly developed. Among various languages and tools that cover large extents of BI activities, SQL and R are instrumental for both BI platform developers and BI users. SQL and R address both monolithic and democratic BI. This paper compares essential data processing features of two languages, identifying similarities and differences among them and also their strengths and limits.

A Framework for SQL Learning: Linking Learning Taxonomy, Cognitive Model and Cross Cutting Factors

OpenAIRE

Huda Al Shuaily; Karen Renaud

2016-01-01

Databases comprise the foundation of most software systems. System developers inevitably write code to query these databases. The de facto language for querying is SQL and this, consequently, is the default language taught by higher education institutions. There is evidence that learners find it hard to master SQL, harder than mastering other programming languages such as Java. Educators do not agree about explanations for this seeming anomaly. Further investigation may well reveal the reason...

Alternatives to relational database: comparison of NoSQL and XML approaches for clinical data storage.

Science.gov (United States)

Lee, Ken Ka-Yin; Tang, Wai-Choi; Choi, Kup-Sze

2013-04-01

Clinical data are dynamic in nature, often arranged hierarchically and stored as free text and numbers. Effective management of clinical data and the transformation of the data into structured format for data analysis are therefore challenging issues in electronic health records development. Despite the popularity of relational databases, the scalability of the NoSQL database model and the document-centric data structure of XML databases appear to be promising features for effective clinical data management. In this paper, three database approaches--NoSQL, XML-enabled and native XML--are investigated to evaluate their suitability for structured clinical data. The database query performance is reported, together with our experience in the databases development. The results show that NoSQL database is the best choice for query speed, whereas XML databases are advantageous in terms of scalability, flexibility and extensibility, which are essential to cope with the characteristics of clinical data. While NoSQL and XML technologies are relatively new compared to the conventional relational database, both of them demonstrate potential to become a key database technology for clinical data management as the technology further advances. Copyright © 2012 Elsevier Ireland Ltd. All rights reserved.

SDSS Log Viewer: visual exploratory analysis of large-volume SQL log data

Science.gov (United States)

Zhang, Jian; Chen, Chaomei; Vogeley, Michael S.; Pan, Danny; Thakar, Ani; Raddick, Jordan

2012-01-01

User-generated Structured Query Language (SQL) queries are a rich source of information for database analysts, information scientists, and the end users of databases. In this study a group of scientists in astronomy and computer and information scientists work together to analyze a large volume of SQL log data generated by users of the Sloan Digital Sky Survey (SDSS) data archive in order to better understand users' data seeking behavior. While statistical analysis of such logs is useful at aggregated levels, efficiently exploring specific patterns of queries is often a challenging task due to the typically large volume of the data, multivariate features, and data requirements specified in SQL queries. To enable and facilitate effective and efficient exploration of the SDSS log data, we designed an interactive visualization tool, called the SDSS Log Viewer, which integrates time series visualization, text visualization, and dynamic query techniques. We describe two analysis scenarios of visual exploration of SDSS log data, including understanding unusually high daily query traffic and modeling the types of data seeking behaviors of massive query generators. The two scenarios demonstrate that the SDSS Log Viewer provides a novel and potentially valuable approach to support these targeted tasks.

Exploring Large Scale Data Analysis and Visualization for ARM Data Discovery Using NoSQL Technologies

Science.gov (United States)

Krishna, B.; Gustafson, W. I., Jr.; Vogelmann, A. M.; Toto, T.; Devarakonda, R.; Palanisamy, G.

2016-12-01

This paper presents a new way of providing ARM data discovery through data analysis and visualization services. ARM stands for Atmospheric Radiation Measurement. This Program was created to study cloud formation processes and their influence on radiative transfer and also include additional measurements of aerosol and precipitation at various highly instrumented ground and mobile stations. The total volume of ARM data is roughly 900TB. The current search for ARM data is performed by using its metadata, such as the site name, instrument name, date, etc. NoSQL technologies were explored to improve the capabilities of data searching, not only by their metadata, but also by using the measurement values. Two technologies that are currently being implemented for testing are Apache Cassandra (noSQL database) and Apache Spark (noSQL based analytics framework). Both of these technologies were developed to work in a distributed environment and hence can handle large data for storing and analytics. D3.js is a JavaScript library that can generate interactive data visualizations in web browsers by making use of commonly used SVG, HTML5, and CSS standards. To test the performance of NoSQL for ARM data, we will be using ARM's popular measurements to locate the data based on its value. Recently noSQL technology has been applied to a pilot project called LASSO, which stands for LES ARM Symbiotic Simulation and Observation Workflow. LASSO will be packaging LES output and observations in "data bundles" and analyses will require the ability for users to analyze both observations and LES model output either individually or together across multiple time periods. The LASSO implementation strategy suggests that enormous data storage is required to store the above mentioned quantities. Thus noSQL was used to provide a powerful means to store portions of the data that provided users with search capabilities on each simulation's traits through a web application. Based on the user selection

MySQL based selection of appropriate indexing technique in ...

African Journals Online (AJOL)

This paper deals with selection of appropriate indexing technique applied on MySQL Database for a health care system and related performance issues using multiclass support vector machine (SVM). The patient database is generally huge and contains lot of variations. For the quick search or fast retrieval of the desired ...

NoSQL datu bāžu izmantošanas iespējas uzņēmumos

OpenAIRE

Plankais, Edgars

2015-01-01

Mūsdienās arvien lielāku popularitāti iegūst NoSQL datu bāzu sistēmas, jo tās spēj saglabāt liela apjoma datus un ir piemērotas specifisku problēmu risināšanai. Darba mērķis ir izpētīt NoSQL izmantošanas iespējas uzņēmumiem, un saprast, kā tās var palīdzēt risināt uzņēmējdarbības problēmas. Darba pirmajā daļā tiek apskatītas relāciju datu bāzes un to izmantošanas nepilnības, kas bija iemesls NoSQL attīstībai. Otrajā darba daļā tiek aplūkoti NoSQL datu bāzu arhitektūras modeļi un to izmanto...

Physical Watermarking for Securing Cyber-Physical Systems via Packet Drop Injections

Energy Technology Data Exchange (ETDEWEB)

Ozel, Omur [Carnegie Mellon Univ., Pittsburgh, PA (United States); Weekrakkody, Sean [Carnegie Mellon Univ., Pittsburgh, PA (United States); Sinopoli, Bruno [Carnegie Mellon Univ., Pittsburgh, PA (United States)

2017-10-23

Physical watermarking is a well known solution for detecting integrity attacks on Cyber-Physical Systems (CPSs) such as the smart grid. Here, a random control input is injected into the system in order to authenticate physical dynamics and sensors which may have been corrupted by adversaries. Packet drops may naturally occur in a CPS due to network imperfections. To our knowledge, previous work has not considered the role of packet drops in detecting integrity attacks. In this paper, we investigate the merit of injecting Bernoulli packet drops into the control inputs sent to actuators as a new physical watermarking scheme. With the classical linear quadratic objective function and an independent and identically distributed packet drop injection sequence, we study the effect of packet drops on meeting security and control objectives. Our results indicate that the packet drops could act as a potential physical watermark for attack detection in CPSs.

DATA ANALYSIS BY SQL-MAPREDUCE PLATFORM

Directory of Open Access Journals (Sweden)

A. A. A. Dergachev

2014-01-01

Full Text Available The paper deals with the problems related to the usage of relational database management system (RDBMS, mainly in the analysis of large data content, including data analysis based on web services in the Internet. A solution of these problems can be represented as a web-oriented distributed system of the data analysis with the processor of service requests as an executive kernel. The functions of such system are similar to the functions of relational DBMS, only with the usage of web services. The processor of service requests is responsible for planning of data analysis web services calls and their execution. The efficiency of such web-oriented system depends on the efficiency of web services calls plan and their program implementation where the basic element is the facilities of analyzed data storage – relational DBMS. The main attention is given to extension of functionality of relational DBMS for the analysis of large data content, in particular, the perspective estimation of web services data analysis implementation on the basis of SQL/MapReduce platform. With a view of obtaining this result, analytical task was chosen as an application-oriented part, typical for data analysis in various social networks and web portals, based on data analysis of users’ attendance. In the practical part of this research the algorithm for planning of web services calls was implemented for application-oriented task solution. SQL/MapReduce platform efficiency is confirmed by experimental results that show the opportunity of effective application for data analysis web services.

Building a data warehouse with examples in SQL server

CERN Document Server

Rainardi, Vincent

2008-01-01

""Building a Data Warehouse: With Examples in SQL Server"" describes how to build a data warehouse completely from scratch and shows practical examples on how to do it. Author Rainardi also describes some practical issues that developers are likely to encounter in their first data warehousing project, along with solutions and advice.

A Web-based Examination System Based on PHP+MySQL.

Science.gov (United States)

Wen, Ji; Zhang, Yang; Yan, Yong; Xia, Shunren

2005-01-01

The design and implementation of web-based examination system constructed by PHP and MySQL is presented in this paper. Three primary parts, including students',teachers' and administrators', are introduced and analyzed in detail. Initial application has demonstrated the system's feasibility and reasonability.*

Pro SQL Server 2008 Analysis Services

CERN Document Server

Janus, Philo B

2009-01-01

Every business has a reams of business data locked away in databases, business systems, and spreadsheets. While you may be able to build some reports by pulling a few of these repositories together, actually performing any kind of analysis on the data that runs your business can range from problematic to impossible. Pro SQL Server 2008 Analysis Services will show you how to pull that data together and present it for reporting and analysis in a way that makes the data accessible to business users, instead of needing to rely on the IT department every time someone needs a different report. * Acc

CGDM: collaborative genomic data model for molecular profiling data using NoSQL.

Science.gov (United States)

Wang, Shicai; Mares, Mihaela A; Guo, Yi-Ke

2016-12-01

High-throughput molecular profiling has greatly improved patient stratification and mechanistic understanding of diseases. With the increasing amount of data used in translational medicine studies in recent years, there is a need to improve the performance of data warehouses in terms of data retrieval and statistical processing. Both relational and Key Value models have been used for managing molecular profiling data. Key Value models such as SeqWare have been shown to be particularly advantageous in terms of query processing speed for large datasets. However, more improvement can be achieved, particularly through better indexing techniques of the Key Value models, taking advantage of the types of queries which are specific for the high-throughput molecular profiling data. In this article, we introduce a Collaborative Genomic Data Model (CGDM), aimed at significantly increasing the query processing speed for the main classes of queries on genomic databases. CGDM creates three Collaborative Global Clustering Index Tables (CGCITs) to solve the velocity and variety issues at the cost of limited extra volume. Several benchmarking experiments were carried out, comparing CGDM implemented on HBase to the traditional SQL data model (TDM) implemented on both HBase and MySQL Cluster, using large publicly available molecular profiling datasets taken from NCBI and HapMap. In the microarray case, CGDM on HBase performed up to 246 times faster than TDM on HBase and 7 times faster than TDM on MySQL Cluster. In single nucleotide polymorphism case, CGDM on HBase outperformed TDM on HBase by up to 351 times and TDM on MySQL Cluster by up to 9 times. The CGDM source code is available at https://github.com/evanswang/CGDM. y.guo@imperial.ac.uk. © The Author 2016. Published by Oxford University Press. All rights reserved. For Permissions, please e-mail: journals.permissions@oup.com.

PENGEMBANGAN EVALUASI PEMBELAJARAN BERBASIS MULTIMEDIA DENGAN FLASH, PHP, DAN MySQL

Directory of Open Access Journals (Sweden)

Hadi Sutopo

2012-01-01

Full Text Available Computer-Based Testing (CBT program was launched for years to give test takers the options of taking computerized version of test. The application which generates academic score is developed as a server-side with Adobe Flash. Flash is well known as a powerful and dynamic front-end for the Web. However, Flash is also great interface for server-side applications. PHP can launch server-side script using Flash as a front-end and pass variables back and forth between Flash and the PHP pages. Along with PHP, MySQL can be used to store data and later retrieve it. Using Flash as a front-end, data and variables are passed between the MySQL database, PHP, and Flash to enhance application's functionality in managing databases.

ExplorEnz: a MySQL database of the IUBMB enzyme nomenclature.

Science.gov (United States)

McDonald, Andrew G; Boyce, Sinéad; Moss, Gerard P; Dixon, Henry B F; Tipton, Keith F

2007-07-27

We describe the database ExplorEnz, which is the primary repository for EC numbers and enzyme data that are being curated on behalf of the IUBMB. The enzyme nomenclature is incorporated into many other resources, including the ExPASy-ENZYME, BRENDA and KEGG bioinformatics databases. The data, which are stored in a MySQL database, preserve the formatting of chemical and enzyme names. A simple, easy to use, web-based query interface is provided, along with an advanced search engine for more complex queries. The database is publicly available at http://www.enzyme-database.org. The data are available for download as SQL and XML files via FTP. ExplorEnz has powerful and flexible search capabilities and provides the scientific community with the most up-to-date version of the IUBMB Enzyme List.

Metrics for Assessment of Smart Grid Data Integrity Attacks

Energy Technology Data Exchange (ETDEWEB)

Annarita Giani; Miles McQueen; Russell Bent; Kameshwar Poolla; Mark Hinrichs

2012-07-01

There is an emerging consensus that the nation’s electricity grid is vulnerable to cyber attacks. This vulnerability arises from the increasing reliance on using remote measurements, transmitting them over legacy data networks to system operators who make critical decisions based on available data. Data integrity attacks are a class of cyber attacks that involve a compromise of information that is processed by the grid operator. This information can include meter readings of injected power at remote generators, power flows on transmission lines, and relay states. These data integrity attacks have consequences only when the system operator responds to compromised data by redispatching generation under normal or contingency protocols. These consequences include (a) financial losses from sub-optimal economic dispatch to service loads, (b) robustness/resiliency losses from placing the grid at operating points that are at greater risk from contingencies, and (c) systemic losses resulting from cascading failures induced by poor operational choices. This paper is focused on understanding the connections between grid operational procedures and cyber attacks. We first offer two examples to illustrate how data integrity attacks can cause economic and physical damage by misleading operators into taking inappropriate decisions. We then focus on unobservable data integrity attacks involving power meter data. These are coordinated attacks where the compromised data are consistent with the physics of power flow, and are therefore passed by any bad data detection algorithm. We develop metrics to assess the economic impact of these attacks under re-dispatch decisions using optimal power flow methods. These metrics can be use to prioritize the adoption of appropriate countermeasures including PMU placement, encryption, hardware upgrades, and advance attack detection algorithms.

Cyber-Attacks on Smart Meters in Household Nanogrid: Modeling, Simulation and Analysis

Directory of Open Access Journals (Sweden)

Denise Tellbach

2018-02-01

Full Text Available The subject of cyber-security and therefore cyber-attacks on smart grid (SG has become subject of many publications in the last years, emphasizing its importance in research, as well as in practice. One especially vulnerable part of SG are smart meters (SMs. The major contribution of simulating a variety of cyber-attacks on SMs that have not been done in previous studies is the identification and quantification of the possible impacts on the security of SG. In this study, a simulation model of a nanogrid, including a complete household with an SM, was developed. Different cyber-attacks were injected into the SM to simulate their effects on household nanogrid. The analysis of the impacts of different cyber-attacks showed that the effects of cyber-attacks can be sorted into various categories. Integrity and confidentiality attacks cause monetary effects on the grid. While, availability attacks have monetary effects on the grid as well, they are mainly aimed at compromising the SM communication by either delaying or stopping it completely.

Mining the SDSS SkyServer SQL queries log

Science.gov (United States)

Hirota, Vitor M.; Santos, Rafael; Raddick, Jordan; Thakar, Ani

2016-05-01

SkyServer, the Internet portal for the Sloan Digital Sky Survey (SDSS) astronomic catalog, provides a set of tools that allows data access for astronomers and scientific education. One of SkyServer data access interfaces allows users to enter ad-hoc SQL statements to query the catalog. SkyServer also presents some template queries that can be used as basis for more complex queries. This interface has logged over 330 million queries submitted since 2001. It is expected that analysis of this data can be used to investigate usage patterns, identify potential new classes of queries, find similar queries, etc. and to shed some light on how users interact with the Sloan Digital Sky Survey data and how scientists have adopted the new paradigm of e-Science, which could in turn lead to enhancements on the user interfaces and experience in general. In this paper we review some approaches to SQL query mining, apply the traditional techniques used in the literature and present lessons learned, namely, that the general text mining approach for feature extraction and clustering does not seem to be adequate for this type of data, and, most importantly, we find that this type of analysis can result in very different queries being clustered together.

iDESWEB: Práctica 9: PHP 3 (MySQL y acceso a una base de datos)

OpenAIRE

Luján Mora, Sergio

2012-01-01

Aprender a administrar una base de datos con MySQL. Conocer algunas herramientas que ayudan a administrar una base de datos de MySQL. Aprender a acceder a una base de datos desde PHP. Aprender a realizar una consulta SELECT y mostrar el resultado en una página web. Sitio web del curso: http://idesweb.es/

The HARPS-N archive through a Cassandra, NoSQL database suite?

Science.gov (United States)

Molinari, Emilio; Guerra, Jose; Harutyunyan, Avet; Lodi, Marcello; Martin, Adrian

2016-07-01

The TNG-INAF is developing the science archive for the WEAVE instrument. The underlying architecture of the archive is based on a non relational database, more precisely, on Apache Cassandra cluster, which uses a NoSQL technology. In order to test and validate the use of this architecture, we created a local archive which we populated with all the HARPSN spectra collected at the TNG since the instrument's start of operations in mid-2012, as well as developed tools for the analysis of this data set. The HARPS-N data set is two orders of magnitude smaller than WEAVE, but we want to demonstrate the ability to walk through a complete data set and produce scientific output, as valuable as that produced by an ordinary pipeline, though without accessing directly the FITS files. The analytics is done by Apache Solr and Spark and on a relational PostgreSQL database. As an example, we produce observables like metallicity indexes for the targets in the archive and compare the results with the ones coming from the HARPS-N regular data reduction software. The aim of this experiment is to explore the viability of a high availability cluster and distributed NoSQL database as a platform for complex scientific analytics on a large data set, which will then be ported to the WEAVE Archive System (WAS) which we are developing for the WEAVE multi object, fiber spectrograph.

The SQL Server Database for Non Computer Professional Teaching Reform

Science.gov (United States)

Liu, Xiangwei

2012-01-01

A summary of the teaching methods of the non-computer professional SQL Server database, analyzes the current situation of the teaching course. According to non computer professional curriculum teaching characteristic, put forward some teaching reform methods, and put it into practice, improve the students' analysis ability, practice ability and…

Evaluating the Cassandra NoSQL Database Approach for Genomic Data Persistency

Directory of Open Access Journals (Sweden)

Rodrigo Aniceto

2015-01-01

Full Text Available Rapid advances in high-throughput sequencing techniques have created interesting computational challenges in bioinformatics. One of them refers to management of massive amounts of data generated by automatic sequencers. We need to deal with the persistency of genomic data, particularly storing and analyzing these large-scale processed data. To find an alternative to the frequently considered relational database model becomes a compelling task. Other data models may be more effective when dealing with a very large amount of nonconventional data, especially for writing and retrieving operations. In this paper, we discuss the Cassandra NoSQL database approach for storing genomic data. We perform an analysis of persistency and I/O operations with real data, using the Cassandra database system. We also compare the results obtained with a classical relational database system and another NoSQL database approach, MongoDB.

Evaluating the Cassandra NoSQL Database Approach for Genomic Data Persistency

Science.gov (United States)

Aniceto, Rodrigo; Xavier, Rene; Guimarães, Valeria; Hondo, Fernanda; Holanda, Maristela; Walter, Maria Emilia; Lifschitz, Sérgio

2015-01-01

Rapid advances in high-throughput sequencing techniques have created interesting computational challenges in bioinformatics. One of them refers to management of massive amounts of data generated by automatic sequencers. We need to deal with the persistency of genomic data, particularly storing and analyzing these large-scale processed data. To find an alternative to the frequently considered relational database model becomes a compelling task. Other data models may be more effective when dealing with a very large amount of nonconventional data, especially for writing and retrieving operations. In this paper, we discuss the Cassandra NoSQL database approach for storing genomic data. We perform an analysis of persistency and I/O operations with real data, using the Cassandra database system. We also compare the results obtained with a classical relational database system and another NoSQL database approach, MongoDB. PMID:26558254

Evaluating the Cassandra NoSQL Database Approach for Genomic Data Persistency.

Science.gov (United States)

Aniceto, Rodrigo; Xavier, Rene; Guimarães, Valeria; Hondo, Fernanda; Holanda, Maristela; Walter, Maria Emilia; Lifschitz, Sérgio

2015-01-01

Rapid advances in high-throughput sequencing techniques have created interesting computational challenges in bioinformatics. One of them refers to management of massive amounts of data generated by automatic sequencers. We need to deal with the persistency of genomic data, particularly storing and analyzing these large-scale processed data. To find an alternative to the frequently considered relational database model becomes a compelling task. Other data models may be more effective when dealing with a very large amount of nonconventional data, especially for writing and retrieving operations. In this paper, we discuss the Cassandra NoSQL database approach for storing genomic data. We perform an analysis of persistency and I/O operations with real data, using the Cassandra database system. We also compare the results obtained with a classical relational database system and another NoSQL database approach, MongoDB.

Comparison of the Frontier Distributed Database Caching System to NoSQL Databases

Science.gov (United States)

Dykstra, Dave

2012-12-01

One of the main attractions of non-relational “NoSQL” databases is their ability to scale to large numbers of readers, including readers spread over a wide area. The Frontier distributed database caching system, used in production by the Large Hadron Collider CMS and ATLAS detector projects for Conditions data, is based on traditional SQL databases but also adds high scalability and the ability to be distributed over a wide-area for an important subset of applications. This paper compares the major characteristics of the two different approaches and identifies the criteria for choosing which approach to prefer over the other. It also compares in some detail the NoSQL databases used by CMS and ATLAS: MongoDB, CouchDB, HBase, and Cassandra.

Comparison of the Frontier Distributed Database Caching System to NoSQL Databases

International Nuclear Information System (INIS)

Dykstra, Dave

2012-01-01

One of the main attractions of non-relational “NoSQL” databases is their ability to scale to large numbers of readers, including readers spread over a wide area. The Frontier distributed database caching system, used in production by the Large Hadron Collider CMS and ATLAS detector projects for Conditions data, is based on traditional SQL databases but also adds high scalability and the ability to be distributed over a wide-area for an important subset of applications. This paper compares the major characteristics of the two different approaches and identifies the criteria for choosing which approach to prefer over the other. It also compares in some detail the NoSQL databases used by CMS and ATLAS: MongoDB, CouchDB, HBase, and Cassandra.

OCA Oracle Database SQL exam guide (exam 1Z0-071) complete exam preparation

CERN Document Server

O'Hearn, Steve

2017-01-01

This thoroughly revised Oracle Press guide offers 100% coverage of all objectives on the latest version of the Oracle Database SQL Exam. Ideal both as a study guide and on-the-job reference, OCA Oracle Database SQL Exam Guide (Exam 1Z0-071) features detailed explanations, examples, practice questions, and chapter summaries. “Certification Objectives,” “Exam Watch,” and “On the Job” sections reinforce salient points throughout. You will gain access to two complete practice exams that match the tone, tenor, and format of the live test. Get complete coverage every topic on Exam 1Z0-071, including: • DDL and SQL SELECT statements • Manipulating, restricting, and sorting data • Single-row and group functions • Displaying data from multiple tables • Subqueries • Schema objects • Set operators • Grouping related data • Report creation • Data dictionary views • Large data sets • Hierarchical retrieval • Regular expression support • User access control The electronic includes: • Two full practi...

OCA Oracle Database SQL exam guide (exam 1Z0-071) : complete exam preparation

CERN Document Server

O'Hearn, Steve

2017-01-01

This thoroughly revised Oracle Press guide offers 100% coverage of all objectives on the latest version of the Oracle Database SQL Exam. Ideal both as a study guide and on-the-job reference, OCA Oracle Database SQL Exam Guide (Exam 1Z0-071) features detailed explanations, examples, practice questions, and chapter summaries. “Certification Objectives,” “Exam Watch,” and “On the Job” sections reinforce salient points throughout. You will gain access to two complete practice exams that match the tone, tenor, and format of the live test. Get complete coverage every topic on Exam 1Z0-071, including: • DDL and SQL SELECT statements • Manipulating, restricting, and sorting data • Single-row and group functions • Displaying data from multiple tables • Subqueries • Schema objects • Set operators • Grouping related data • Report creation • Data dictionary views • Large data sets • Hierarchical retrieval • Regular expression support • User access control The electronic includes: • Two full practi...

Professional Microsoft SQL Server 2012 Reporting Services

CERN Document Server

Turley, Paul; Silva, Thiago; Withee, Ken; Paisley, Grant

2012-01-01

A must-have guide for the latest updates to the new release of Reporting Services SQL Server Reporting Services allows you to create reports and business intelligence (BI) solutions. With this updated resource, a team of experts shows you how Reporting Services makes reporting faster, easier and more powerful than ever in web, desktop, and portal solutions. New coverage discusses the new reporting tool called Crescent, BI semantic model's impact on report design and creation, semantic model design, and more. You'll explore the major enhancements to Report Builder and benefit from best practice

Experience with ATLAS MySQL PanDA database service

International Nuclear Information System (INIS)

Smirnov, Y; Wlodek, T; Hover, J; Smith, J; Wenaus, T; Yu, D; De, K; Ozturk, N

2010-01-01

The PanDA distributed production and analysis system has been in production use for ATLAS data processing and analysis since late 2005 in the US, and globally throughout ATLAS since early 2008. Its core architecture is based on a set of stateless web services served by Apache and backed by a suite of MySQL databases that are the repository for all PanDA information: active and archival job queues, dataset and file catalogs, site configuration information, monitoring information, system control parameters, and so on. This database system is one of the most critical components of PanDA, and has successfully delivered the functional and scaling performance required by PanDA, currently operating at a scale of half a million jobs per week, with much growth still to come. In this paper we describe the design and implementation of the PanDA database system, its architecture of MySQL servers deployed at BNL and CERN, backup strategy and monitoring tools. The system has been developed, thoroughly tested, and brought to production to provide highly reliable, scalable, flexible and available database services for ATLAS Monte Carlo production, reconstruction and physics analysis.

Experience with ATLAS MySQL PanDA database service

Energy Technology Data Exchange (ETDEWEB)

Smirnov, Y; Wlodek, T; Hover, J; Smith, J; Wenaus, T; Yu, D [Physics Department, Brookhaven National Laboratory, Upton, NY 11973-5000 (United States); De, K; Ozturk, N [Department of Physics, University of Texas at Arlington, Arlington, TX, 76019 (United States)

2010-04-01

The PanDA distributed production and analysis system has been in production use for ATLAS data processing and analysis since late 2005 in the US, and globally throughout ATLAS since early 2008. Its core architecture is based on a set of stateless web services served by Apache and backed by a suite of MySQL databases that are the repository for all PanDA information: active and archival job queues, dataset and file catalogs, site configuration information, monitoring information, system control parameters, and so on. This database system is one of the most critical components of PanDA, and has successfully delivered the functional and scaling performance required by PanDA, currently operating at a scale of half a million jobs per week, with much growth still to come. In this paper we describe the design and implementation of the PanDA database system, its architecture of MySQL servers deployed at BNL and CERN, backup strategy and monitoring tools. The system has been developed, thoroughly tested, and brought to production to provide highly reliable, scalable, flexible and available database services for ATLAS Monte Carlo production, reconstruction and physics analysis.

"Science SQL" as a Building Block for Flexible, Standards-based Data Infrastructures

Science.gov (United States)

Baumann, Peter

2016-04-01

We have learnt to live with the pain of separating data and metadata into non-interoperable silos. For metadata, we enjoy the flexibility of databases, be they relational, graph, or some other NoSQL. Contrasting this, users still "drown in files" as an unstructured, low-level archiving paradigm. It is time to bridge this chasm which once was technologically induced, but today can be overcome. One building block towards a common re-integrated information space is to support massive multi-dimensional spatio-temporal arrays. These "datacubes" appear as sensor, image, simulation, and statistics data in all science and engineering domains, and beyond. For example, 2-D satellilte imagery, 2-D x/y/t image timeseries and x/y/z geophysical voxel data, and 4-D x/y/z/t climate data contribute to today's data deluge in the Earth sciences. Virtual observatories in the Space sciences routinely generate Petabytes of such data. Life sciences deal with microarray data, confocal microscopy, human brain data, which all fall into the same category. The ISO SQL/MDA (Multi-Dimensional Arrays) candidate standard is extending SQL with modelling and query support for n-D arrays ("datacubes") in a flexible, domain-neutral way. This heralds a new generation of services with new quality parameters, such as flexibility, ease of access, embedding into well-known user tools, and scalability mechanisms that remain completely transparent to users. Technology like the EU rasdaman ("raster data manager") Array Database system can support all of the above examples simultaneously, with one technology. This is practically proven: As of today, rasdaman is in operational use on hundreds of Terabytes of satellite image timeseries datacubes, with transparent query distribution across more than 1,000 nodes. Therefore, Array Databases offering SQL/MDA constitute a natural common building block for next-generation data infrastructures. Being initiator and editor of the standard we present principles

CheD: chemical database compilation tool, Internet server, and client for SQL servers.

Science.gov (United States)

Trepalin, S V; Yarkov, A V

2001-01-01

An efficient program, which runs on a personal computer, for the storage, retrieval, and processing of chemical information, is presented, The program can work both as a stand-alone application or in conjunction with a specifically written Web server application or with some standard SQL servers, e.g., Oracle, Interbase, and MS SQL. New types of data fields are introduced, e.g., arrays for spectral information storage, HTML and database links, and user-defined functions. CheD has an open architecture; thus, custom data types, controls, and services may be added. A WWW server application for chemical data retrieval features an easy and user-friendly installation on Windows NT or 95 platforms.

Blind Cartography for Side Channel Attacks: Cross-Correlation Cartography

Directory of Open Access Journals (Sweden)

Laurent Sauvage

2012-01-01

Full Text Available Side channel and fault injection attacks are major threats to cryptographic applications of embedded systems. Best performances for these attacks are achieved by focusing sensors or injectors on the sensible parts of the application, by means of dedicated methods to localise them. Few methods have been proposed in the past, and all of them aim at pinpointing the cryptoprocessor. However it could be interesting to exploit the activity of other parts of the application, in order to increase the attack's efficiency or to bypass its countermeasures. In this paper, we present a localisation method based on cross-correlation, which issues a list of areas of interest within the attacked device. It realizes an exhaustive analysis, since it may localise any module of the device, and not only those which perform cryptographic operations. Moreover, it also does not require a preliminary knowledge about the implementation, whereas some previous cartography methods require that the attacker could choose the cryptoprocessor inputs, which is not always possible. The method is experimentally validated using observations of the electromagnetic near field distribution over a Xilinx Virtex 5 FPGA. The matching between areas of interest and the application layout in the FPGA floorplan is confirmed by correlation analysis.

ATLAS DDM/DQ2 & NoSQL databases: Use cases and experiences

CERN Multimedia

CERN. Geneva

2012-01-01

NoSQL databases. This includes distributed file system like HDFS that support parallel execution of computational tasks on distributed data, as well as schema-less approaches via key-value/document stores, like HBase, Cassandra or MongoDB. These databases provide solutions to particular types...

Survey data and metadata modelling using document-oriented NoSQL

Science.gov (United States)

Rahmatuti Maghfiroh, Lutfi; Gusti Bagus Baskara Nugraha, I.

2018-03-01

Survey data that are collected from year to year have metadata change. However it need to be stored integratedly to get statistical data faster and easier. Data warehouse (DW) can be used to solve this limitation. However there is a change of variables in every period that can not be accommodated by DW. Traditional DW can not handle variable change via Slowly Changing Dimension (SCD). Previous research handle the change of variables in DW to manage metadata by using multiversion DW (MVDW). MVDW is designed using relational model. Some researches also found that developing nonrelational model in NoSQL database has reading time faster than the relational model. Therefore, we propose changes to metadata management by using NoSQL. This study proposes a model DW to manage change and algorithms to retrieve data with metadata changes. Evaluation of the proposed models and algorithms result in that database with the proposed design can retrieve data with metadata changes properly. This paper has contribution in comprehensive data analysis with metadata changes (especially data survey) in integrated storage.

Instant MDX queries for SQL Server 2012

CERN Document Server

Emond, Nicholas

2013-01-01

Get to grips with a new technology, understand what it is and what it can do for you, and then get to work with the most important features and tasks. This short, focused guide is a great way to get stated with writing MDX queries. New developers can use this book as a reference for how to use functions and the syntax of a query as well as how to use Calculated Members and Named Sets.This book is great for new developers who want to learn the MDX query language from scratch and install SQL Server 2012 with Analysis Services

Beginning PHP, Apache, MySQL web development

CERN Document Server

Glass, Michael K; Naramore, Elizabeth; Mailer, Gary; Stolz, Jeremy; Gerner, Jason

2004-01-01

An ideal introduction to the entire process of setting up a Web site using PHP (a scripting language), MySQL (a database management system), and Apache (a Web server)* Programmers will be up and running in no time, whether they're using Linux or Windows servers* Shows readers step by step how to create several Web sites that share common themes, enabling readers to use these examples in real-world projects* Invaluable reading for even the experienced programmer whose current site has outgrown the traditional static structure and who is looking for a way to upgrade to a more efficient, user-f

Rancang Bangun Sistem Informasi Jadwal Perkuliahan Berbasis Jquery Mobile Dengan Menggunakan PHP Dan MySQL

Directory of Open Access Journals (Sweden)

Elisa Usada

2012-11-01

Full Text Available Informasi perubahan jadwal perlu diberitahukan secepatnya kepada dosen dan mahasiswa.Aplikasi Sistem Informasi Jadwal Perkuliahan berbasis jQuery Mobile dengan menggunakan PHP dan MySQL pada proyek penelitian ini diharapkan mempermudah pemberitahuan perubahan jadwal kepada dosen dan mahasiswa.Dengan dibuat aplikasi Sistem Informasi Jadwal Perkuliahan berbasis jQuery Mobile dengan menggunakan PHP dan MySQL pada proyek penelitian ini dapat mempermudah dalam mencari informasi jadwal perkuliahan.Metode yang digunakan dalam rancang bangun aplikasi sistem informasi jadwal perkuliahan yaitu metode waterfall. Pengujian aplikasi sistem informasi jadwal perkuliahan menggunakan beberapa tahapan yaitu tahap pengujian integrasi, pengujian sistem, pengujian validasi dan  pengujian penerimaan pada handphone. Pada aplikasi ini digunakan  database MySQL untuk penyimpanan data-data jadwal perkuliahan, dan pembuatan aplikasi ini dibuat menggunakan PHP. untuk mendapatkan hasil yang lebih baik lagi adapun saran-saran yang dapat diberikan terhadap aplikasi sistem informasi jadwal perkuliahan ini yaitu mengintegrasikan aplikasi sistem informasi jadwal perkuliahan ini dengan sistem kampus dan melakukan update pada jQuery Mobile ke versi yang terbaru agar tampilan lebih baik serta memiliki keunggulan tambahan.

NoSQL databáze pro data senzorů s podporou časových řad

OpenAIRE

Vizina, Petr

2017-01-01

Tato diplomová práce se zabývá tématem NoSQL databází, jež lze využít pro efektivní ukládání senzorových dat s charakterem časových řad. Cílem je navrhnout a implementovat vlastní řešení databáze určené pro ukládání dat časových řad s využitím právě principu NoSQL. This thesis deals with NoSQL databases, which can be used for effective storage of sensors data with character of time series. The aim is to design and implement own solution for database designed to store time series data, with...

Smart grid data integrity attacks: characterizations and countermeasuresπ

KAUST Repository

Giani, Annarita

2011-10-01

Coordinated cyberattacks of power meter readings can be arranged to be undetectable by any bad data detection algorithm in the power system state estimation process. These unobservable attacks present a potentially serious threat to grid operations. Of particular interest are sparse attacks that involve the compromise of a modest number of meter readings. An efficient algorithm to find all unobservable attacks [under standard DC load flow approximations] involving the compromise of exactly two power injection meters and an arbitrary number of line power meters is presented. This requires O(n 2m) flops for a power system with n buses and m line meters. If all lines are metered, there exist canonical forms that characterize all 3, 4, and 5-sparse unobservable attacks. These can be quickly detected in power systems using standard graph algorithms. Known-secure phasor measurement units [PMUs] can be used as countermeasures against an arbitrary collection of cyberattacks. Finding the minimum number of necessary PMUs is NP-hard. It is shown that p + 1 PMUs at carefully chosen buses are sufficient to neutralize a collection of p cyberattacks. © 2011 IEEE.

Implementation of Secondary Index on Cloud Computing NoSQL Database in Big Data Environment

Directory of Open Access Journals (Sweden)

Bao Rong Chang

2015-01-01

Full Text Available This paper introduces the combination of NoSQL database HBase and enterprise search platform Solr so as to tackle the problem of the secondary index function with fast query. In order to verify the effectiveness and efficiency of the proposed approach, the assessment using Cost-Performance ratio has been done for several competitive benchmark databases and the proposed one. As a result, our proposed approach outperforms the other databases and fulfills secondary index function with fast query in NoSQL database. Moreover, according to the cross-sectional analysis, the proposed combination of HBase and Solr database is capable of performing an excellent query/response in a big data environment.

Practical querying of temporal data via OWL 2 QL and SQL: 2011

CSIR Research Space (South Africa)

Klarman, S

2013-12-01

Full Text Available We develop a practical approach to querying temporal data stored in temporal SQL:2011 databases through the semantic layer of OWL 2 QL ontologies. An interval-based temporal query language (TQL), which we propose for this task, is defined via...

Analyse de code et processus d'évaluation des composants sécurisés contre l'injection de faute

OpenAIRE

Dureuil , Louis

2016-01-01

Vulnerability detections for smart cards require state of the art methods both to attack and to protect the secure device. A typical type of attack is fault injection, most notably performed by means of laser techniques. To prevent some of the consequences of this kind of attacks, several analyses are conducted at the software level. Being able to define criteria and to propose automated tools that can survey the robustness of an application to fault injection is thus nowadays a hot topic, ev...

A NoSQL–SQL Hybrid Organization and Management Approach for Real-Time Geospatial Data: A Case Study of Public Security Video Surveillance

Directory of Open Access Journals (Sweden)

Chen Wu

2017-01-01

Full Text Available With the widespread deployment of ground, air and space sensor sources (internet of things or IoT, social networks, sensor networks, the integrated applications of real-time geospatial data from ubiquitous sensors, especially in public security and smart city domains, are becoming challenging issues. The traditional geographic information system (GIS mostly manages time-discretized geospatial data by means of the Structured Query Language (SQL database management system (DBMS and emphasizes query and retrieval of massive historical geospatial data on disk. This limits its capability for on-the-fly access of real-time geospatial data for online analysis in real time. This paper proposes a hybrid database organization and management approach with SQL relational databases (RDB and not only SQL (NoSQL databases (including the main memory database, MMDB, and distributed files system, DFS. This hybrid approach makes full use of the advantages of NoSQL and SQL DBMS for the real-time access of input data and structured on-the-fly analysis results which can meet the requirements of increased spatio-temporal big data linking analysis. The MMDB facilitates real-time access of the latest input data such as the sensor web and IoT, and supports the real-time query for online geospatial analysis. The RDB stores change information such as multi-modal features and abnormal events extracted from real-time input data. The DFS on disk manages the massive geospatial data, and the extensible storage architecture and distributed scheduling of a NoSQL database satisfy the performance requirements of incremental storage and multi-user concurrent access. A case study of geographic video (GeoVideo surveillance of public security is presented to prove the feasibility of this hybrid organization and management approach.

An Array Library for Microsoft SQL Server with Astrophysical Applications

Science.gov (United States)

Dobos, L.; Szalay, A. S.; Blakeley, J.; Falck, B.; Budavári, T.; Csabai, I.

2012-09-01

Today's scientific simulations produce output on the 10-100 TB scale. This unprecedented amount of data requires data handling techniques that are beyond what is used for ordinary files. Relational database systems have been successfully used to store and process scientific data, but the new requirements constantly generate new challenges. Moving terabytes of data among servers on a timely basis is a tough problem, even with the newest high-throughput networks. Thus, moving the computations as close to the data as possible and minimizing the client-server overhead are absolutely necessary. At least data subsetting and preprocessing have to be done inside the server process. Out of the box commercial database systems perform very well in scientific applications from the prospective of data storage optimization, data retrieval, and memory management but lack basic functionality like handling scientific data structures or enabling advanced math inside the database server. The most important gap in Microsoft SQL Server is the lack of a native array data type. Fortunately, the technology exists to extend the database server with custom-written code that enables us to address these problems. We present the prototype of a custom-built extension to Microsoft SQL Server that adds array handling functionality to the database system. With our Array Library, fix-sized arrays of all basic numeric data types can be created and manipulated efficiently. Also, the library is designed to be able to be seamlessly integrated with the most common math libraries, such as BLAS, LAPACK, FFTW, etc. With the help of these libraries, complex operations, such as matrix inversions or Fourier transformations, can be done on-the-fly, from SQL code, inside the database server process. We are currently testing the prototype with two different scientific data sets: The Indra cosmological simulation will use it to store particle and density data from N-body simulations, and the Milky Way Laboratory

Analisis Keamanan pada Aplikasi Her-registrasi Online Mahasiswa Universitas Diponegoro

Directory of Open Access Journals (Sweden)

Hilal Afrih Juhad

2016-08-01

Full Text Available The security aspect is often forgotten in the application of Information Technology. The attacks were caused by the negligence of the developer causes damage to the system used. SQL Injection attacks, Cross Site Scripting attacks, and no use of encrypted channels lead to the exposure of sensitive data users. Objectives of this research is to perform an audit and analysis of the security aspects against the Her-registration Colege Students Online Application of Diponegoro University. Audit and security analysis is prevention step so that the vulnerabilities found not to be a entrances to the system hackers. The results of this research are a security audit report that contains the vulnerability Her-registration College Students Online Application of Diponegoro University. The audit report will be used as a reference for application developers Her-registration Colege Students Online Application of Diponegoro University to improve the system.

A PostgreSQL/PostGIS Implementation for the Sightseeing Tour Planning Problem

Directory of Open Access Journals (Sweden)

Ardiansyah .

2013-04-01

Full Text Available This article discusses a procedure for finding the best multi stops route for sightseeing tour through a road network. The procedure involves building a database containing nodes and road network in PostgreSQL, calculating the shortest distance between a pair of nodes using pgDijkstra module, and solving the tour problem using a function written in PL/pgSQL. The function was developed based on the Nearest Insertion Algorithm for solving the Travelling Salesman Problem. The algorithm inserts a sightseeing attraction (node at the best position in the existing route, which is between a pair of nodes that yields the minimum difference between the total tour time before and after the new node was inserted. The test result shows that the function can solve the problem within acceptable runtime for web application for total destination nodes of 22. It is concluded that the whole procedure was suitable for developing Web GIS application that solve the sightseeing tour planning problem.

iDESWEB (3ª ed.): Práctica 10: PHP 3 (MySQL y acceso a una base de datos)

OpenAIRE

Luján Mora, Sergio

2013-01-01

Aprender a administrar una base de datos con MySQL. Conocer algunas herramientas que ayudan a administrar una base de datos de MySQL. Aprender a acceder a una base de datos desde PHP. Aprender a realizar una consulta SELECT y mostrar el resultado en una página web. Sitio web del curso: http://idesweb.es/

MonetDB/SQL Meets SkyServer: the Challenges of a Scientific Database.

NARCIS (Netherlands)

M.G. Ivanova (Milena); N.J. Nes (Niels); R.A. Goncalves (Romulo); M.L. Kersten (Martin)

2007-01-01

textabstractThis paper presents our experiences in porting the Sloan Digital Sky Survey(SDSS)/ SkyServer to the state-of-the-art open source database system MonetDB/SQL. SDSS acts as a well-documented benchmark for scientific database management. We have achieved a fully functional prototype for the

Multiple-feature extracting modules based leak mining system design.

Science.gov (United States)

Cho, Ying-Chiang; Pan, Jen-Yi

2013-01-01

Over the years, human dependence on the Internet has increased dramatically. A large amount of information is placed on the Internet and retrieved from it daily, which makes web security in terms of online information a major concern. In recent years, the most problematic issues in web security have been e-mail address leakage and SQL injection attacks. There are many possible causes of information leakage, such as inadequate precautions during the programming process, which lead to the leakage of e-mail addresses entered online or insufficient protection of database information, a loophole that enables malicious users to steal online content. In this paper, we implement a crawler mining system that is equipped with SQL injection vulnerability detection, by means of an algorithm developed for the web crawler. In addition, we analyze portal sites of the governments of various countries or regions in order to investigate the information leaking status of each site. Subsequently, we analyze the database structure and content of each site, using the data collected. Thus, we make use of practical verification in order to focus on information security and privacy through black-box testing.

Implementation of Collate at the database level for PostgreSQL

OpenAIRE

Strnad, Radek

2009-01-01

Current version of PostgreSQL supports only one collation per database cluster. This does not meet the requirements of some users developing multi-lingual applications. The goal of the work will be to implement collation at database level and make foundations for further national language supp ort development. User will be able to set collation when creating a database. Particulary commands CREATE DATABASE... COLLATE ... will be implemented using ANSI standards. Work will also implement possi...

gestion d'une agence de voyage selon le modele client/serveur avec swing et mySQL

OpenAIRE

BELGACEM, Hicham; BOUAZZA, Mohammed Reda

2014-01-01

L’objectif de ce modeste travail est le développement d'une application Client/serveur pour la gestion d’une agence de voyage en se basant sur SWING et MySQL. Dans le premier chapitre de notre rapport nous avons présenté les outils misent en place pour la réalisation de notre application, en commençant par le langage Java utilisés sous Netbeans, MySQL pour la gestion de base de données et phpMyAdmin pour créer la BDD. Le deuxième chapitre est consacré à la présentation de notre...

Extending the ELisA Logbook to use MySQL

CERN Document Server

Osman Jama Ali, Yosuf

2017-01-01

ELisA (Electronic Logbook for the Information Storage of ATLAS Experiments at LHC) is a web tool that is used within the ATLAS community to keep track of the daily experiments and deployments within ATLAS. It is implemented using the Spring framework and consists of a web interface, a REST API and a set of client libraries. This Report summarises the process taken in replacing the Oracle database that is used with MySQL, as well as the incorporation of Docker as a deployment strategy in order to make the logbook more portable.

Finding Exception For Association Rules Via SQL Queries

Directory of Open Access Journals (Sweden)

Luminita DUMITRIU

2000-12-01

Full Text Available Finding association rules is mainly based on generating larger and larger frequent set candidates, starting from frequent attributes in the database. The frequent sets can be organised as a part of a lattice of concepts according to the Formal Concept Analysis approach. Since the lattice construction is database contents-dependent, the pseudo-intents (see Formal Concept Analysis are avoided. Association rules between concept intents (closed sets A=>B are partial implication rules, meaning that there is some data supporting A and (not B; fully explaining the data requires finding exceptions for the association rules. The approach applies to Oracle databases, via SQL queries.

PL/SQL and Bind Variable: the two ways to increase the efficiency of Network Databases

Directory of Open Access Journals (Sweden)

Hitesh KUMAR SHARMA

2011-12-01

Full Text Available Modern data analysis applications are driven by the Network databases. They are pushing traditional database and data warehousing technologies beyond their limits due to their massively increasing data volumes and demands for low latency. There are three major challenges in working with network databases: interoperability due to heterogeneous data repositories, proactively due to autonomy of data sources and high efficiency to meet the application demand. This paper provides the two ways to meet the third challenge of network databases. This goal can be achieved by network database administrator with the usage of PL/SQL blocks and bind variable. The paper will explain the effect of PL/SQL block and bind variable on Network database efficiency to meet the modern data analysis application demand.

The Transition from RDBMS to NoSQL. A Comparative Analysis of Three Popular Non-Relational Solutions: Cassandra, MongoDB and Couchbase

Directory of Open Access Journals (Sweden)

Cristina BAZAR

2014-09-01

Full Text Available NoSQL databases were built in the need to deal with the increasing amount of complex data (Big Data, required in real-time web applications, and are mostly addressing some of these points: the focus on availability over consistency, horizontally scalable, distributed architecture, and open-source. The purpose of this paper is to present the reasons for a transition from RDBMS to NoSQL databases, to describe the main characteristics of non-relational databases and to compare and analyze three popular NoSQL solutions - Cassandra, MongoDB and CouchBase, outlining the results obtained during performance comparison tests. Each solution is optimized for different workloads and different use cases. Therefore, each has its own strong points and weaknesses.

Durability of low-pH injection grout. A literature survey

International Nuclear Information System (INIS)

Holt, E.

2008-01-01

This publication provides an overview of the durability of injection grouts. It is intended for use during planning and construction at the ONKALO underground research facility. The review has been done with respect to the application conditions, materials and service life requirements expressed by Posiva Oy. The publication describes all types of cement-based material durability, with an emphasis on the key issues of shrinkage cracking, leaching and sulphate attack. The second part of the report provides information on how durability expectations have changed with the history of injection grout development. The report gives information specific to low-pH injection grouts containing high amounts of silica fume performance and how their durability is expected to differ from traditional normal cement-based mixtures. The final part of the report provides suggestions for future research needs for ensuring the service life of injection grouts. The key finding from this study is that the low-pH grout material is not expected to have worse durability performance compared to the standard injection grout. Combining high amounts of silica fume with the cement to produce low-pH grout should result in a material having lower permeability and thus greater resistance to leaching and chemical attack. Further laboratory testing is needed to quantitatively verify these findings and to provide inputs for future service life modeling. (orig.)

Access to Proficy Historian Database Based on SQL Server Linked Server%基于SQL Server链接服务器实现Proficy Historian数据库的访问

Institute of Scientific and Technical Information of China (English)

张海洲; 尹龙; 李堑

2017-01-01

本文主要介绍基于SQL Server链接服务器对Proficy Historian数据库的访问,根据现代粮食物流"管控一体化"系统中设备运行数据的自动生成,介绍这种方法实现的过程.

Calculating Adversarial Risk from Attack Trees: Control Strength and Probabilistic Attackers

NARCIS (Netherlands)

Pieters, Wolter; Davarynejad, Mohsen

2015-01-01

Attack trees are a well-known formalism for quantitative analysis of cyber attacks consisting of multiple steps and alternative paths. It is possible to derive properties of the overall attacks from properties of individual steps, such as cost for the attacker and probability of success. However, in

Introduction to emerging threats and vulnerabilities to create user awareness

CSIR Research Space (South Africa)

Veerasamy, N

2009-04-01

Full Text Available around the world [4]. 3.3 Web Application Vulnerabilities SQL injection takes place when there is improper validation of user input. According to IBM, SQL injection vulnerabilities increased a staggering 134% from 2007 [1]. This indicates that even... though this vulnerability is not a new exploit, its application is still wide-spread. With SQL injection, access to sensitive information in databases can be gained and thus the integrity of information on web sites and in transactions could...

Comparing the Performance of NoSQL Approaches for Managing Archetype-Based Electronic Health Record Data.

Directory of Open Access Journals (Sweden)

Sergio Miranda Freire

Full Text Available This study provides an experimental performance evaluation on population-based queries of NoSQL databases storing archetype-based Electronic Health Record (EHR data. There are few published studies regarding the performance of persistence mechanisms for systems that use multilevel modelling approaches, especially when the focus is on population-based queries. A healthcare dataset with 4.2 million records stored in a relational database (MySQL was used to generate XML and JSON documents based on the openEHR reference model. Six datasets with different sizes were created from these documents and imported into three single machine XML databases (BaseX, eXistdb and Berkeley DB XML and into a distributed NoSQL database system based on the MapReduce approach, Couchbase, deployed in different cluster configurations of 1, 2, 4, 8 and 12 machines. Population-based queries were submitted to those databases and to the original relational database. Database size and query response times are presented. The XML databases were considerably slower and required much more space than Couchbase. Overall, Couchbase had better response times than MySQL, especially for larger datasets. However, Couchbase requires indexing for each differently formulated query and the indexing time increases with the size of the datasets. The performances of the clusters with 2, 4, 8 and 12 nodes were not better than the single node cluster in relation to the query response time, but the indexing time was reduced proportionally to the number of nodes. The tested XML databases had acceptable performance for openEHR-based data in some querying use cases and small datasets, but were generally much slower than Couchbase. Couchbase also outperformed the response times of the relational database, but required more disk space and had a much longer indexing time. Systems like Couchbase are thus interesting research targets for scalable storage and querying of archetype-based EHR data when

Comparing the Performance of NoSQL Approaches for Managing Archetype-Based Electronic Health Record Data

Science.gov (United States)

Freire, Sergio Miranda; Teodoro, Douglas; Wei-Kleiner, Fang; Sundvall, Erik; Karlsson, Daniel; Lambrix, Patrick

2016-01-01

This study provides an experimental performance evaluation on population-based queries of NoSQL databases storing archetype-based Electronic Health Record (EHR) data. There are few published studies regarding the performance of persistence mechanisms for systems that use multilevel modelling approaches, especially when the focus is on population-based queries. A healthcare dataset with 4.2 million records stored in a relational database (MySQL) was used to generate XML and JSON documents based on the openEHR reference model. Six datasets with different sizes were created from these documents and imported into three single machine XML databases (BaseX, eXistdb and Berkeley DB XML) and into a distributed NoSQL database system based on the MapReduce approach, Couchbase, deployed in different cluster configurations of 1, 2, 4, 8 and 12 machines. Population-based queries were submitted to those databases and to the original relational database. Database size and query response times are presented. The XML databases were considerably slower and required much more space than Couchbase. Overall, Couchbase had better response times than MySQL, especially for larger datasets. However, Couchbase requires indexing for each differently formulated query and the indexing time increases with the size of the datasets. The performances of the clusters with 2, 4, 8 and 12 nodes were not better than the single node cluster in relation to the query response time, but the indexing time was reduced proportionally to the number of nodes. The tested XML databases had acceptable performance for openEHR-based data in some querying use cases and small datasets, but were generally much slower than Couchbase. Couchbase also outperformed the response times of the relational database, but required more disk space and had a much longer indexing time. Systems like Couchbase are thus interesting research targets for scalable storage and querying of archetype-based EHR data when population-based use

Comparing the Performance of NoSQL Approaches for Managing Archetype-Based Electronic Health Record Data.

Science.gov (United States)

Freire, Sergio Miranda; Teodoro, Douglas; Wei-Kleiner, Fang; Sundvall, Erik; Karlsson, Daniel; Lambrix, Patrick

2016-01-01

This study provides an experimental performance evaluation on population-based queries of NoSQL databases storing archetype-based Electronic Health Record (EHR) data. There are few published studies regarding the performance of persistence mechanisms for systems that use multilevel modelling approaches, especially when the focus is on population-based queries. A healthcare dataset with 4.2 million records stored in a relational database (MySQL) was used to generate XML and JSON documents based on the openEHR reference model. Six datasets with different sizes were created from these documents and imported into three single machine XML databases (BaseX, eXistdb and Berkeley DB XML) and into a distributed NoSQL database system based on the MapReduce approach, Couchbase, deployed in different cluster configurations of 1, 2, 4, 8 and 12 machines. Population-based queries were submitted to those databases and to the original relational database. Database size and query response times are presented. The XML databases were considerably slower and required much more space than Couchbase. Overall, Couchbase had better response times than MySQL, especially for larger datasets. However, Couchbase requires indexing for each differently formulated query and the indexing time increases with the size of the datasets. The performances of the clusters with 2, 4, 8 and 12 nodes were not better than the single node cluster in relation to the query response time, but the indexing time was reduced proportionally to the number of nodes. The tested XML databases had acceptable performance for openEHR-based data in some querying use cases and small datasets, but were generally much slower than Couchbase. Couchbase also outperformed the response times of the relational database, but required more disk space and had a much longer indexing time. Systems like Couchbase are thus interesting research targets for scalable storage and querying of archetype-based EHR data when population-based use

MySQL databases as part of the Online Business, using a platform based on Linux

Directory of Open Access Journals (Sweden)

Ion-Sorin STROE

2011-09-01

Full Text Available The Internet is a business development environment that has major advantages over traditional environment. From a financial standpoint, the initial investment is much reduced and, as yield, the chances of success are considerably higher. Developing an online business also depends on the manager’s ability to use the best solutions, sustainable on a long term. The current trend is to decrease the costs for the technical platform by adopting open-source license products. Such platform is based on a Linux operating system and a database system based on MySQL product. This article aims to answer two basic questions: “A platform based on Linux and MySQL can handle the demands of an online business?” and “Adopting such a solution has the effect of increasing profitability?”

High brain serotonin levels in migraine between attacks

DEFF Research Database (Denmark)

Deen, Marie; Hansen, Hanne D.; Hougaard, Anders

2017-01-01

Objectives To investigate brain 5-HT4-receptor binding with positron emission tomography (PET) as a proxy of serotonin (5-hydroxytryptamine, 5-HT) levels in migraine patients between attacks. Methods Brain 5-HT4-receptor binding, assessed with PET imaging of the specific 5-HT4-receptor radioligand......, [11C]SB207145, is inversely related to long-term changes in brain 5-HT-levels. Eighteen migraine patients without aura (≥48 hours migraine free) and 16 age- and sex-matched controls underwent PET-scanning after injection of [11C]SB207145. Patients who reported a migraine attack ≤48 hours after...... the scan were excluded. The mean neocortical [11C]SB207145 binding potential (BPND) was calculated in a blinded manner. Results Fifteen patients (age 29.6 ± 10.2 years, 2 men) and 16 controls (28.9 ± 10.2 years, 3 men) completed the study. Migraine patients had significantly lower neocortical 5-HT4...

An analysis on the re-emergence of SQL Slammer worm using network telescope data

CSIR Research Space (South Africa)

Chindipha, SD

2017-09-01

Full Text Available The SQL Slammer worm is a self propagated computer virus that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic. An observation of network traffic captured in the Rhodes University’s network...

Find the fish: using PROC SQL to build a relational database

Science.gov (United States)

Fabrizio, Mary C.; Nelson, Scott N.

1995-01-01

Reliable estimates of abundance and survival, gained through mark-recapture studies, are necessary to better understand how to manage and restore lake trout populations in the Great Lakes. Working with a 24-year data set from a mark-recapture study conducted in Lake Superior, we attempted to disclose information on tag shedding by examining recaptures of double-tagged fish. The data set consisted of 64,288 observations on fish which had been marked with one or more tags; a subset of these fish had been marked with two tags at initial capture. Although DATA and PROC statements could be used to obtain some of the information we sought, these statements could not be used to extract a complete set of results from the double-tagging experiments. We therefore used SQL processing to create three tables representing the same information but in a fully normalized relational structure. In addition, we created indices to efficiently examine complex relationships among the individual capture records. This approach allowed us to obtain all the information necessary to estimate tag retention through subsequent modeling. We believe that our success with SQL was due in large part to its ability to simultaneosly scan the same table more than once and to permit consideration of other tables in sub-queries.

NVST Data Archiving System Based On FastBit NoSQL Database

Science.gov (United States)

Liu, Ying-bo; Wang, Feng; Ji, Kai-fan; Deng, Hui; Dai, Wei; Liang, Bo

2014-06-01

The New Vacuum Solar Telescope (NVST) is a 1-meter vacuum solar telescope that aims to observe the fine structures of active regions on the Sun. The main tasks of the NVST are high resolution imaging and spectral observations, including the measurements of the solar magnetic field. The NVST has been collecting more than 20 million FITS files since it began routine observations in 2012 and produces a maximum observational records of 120 thousand files in a day. Given the large amount of files, the effective archiving and retrieval of files becomes a critical and urgent problem. In this study, we implement a new data archiving system for the NVST based on the Fastbit Not Only Structured Query Language (NoSQL) database. Comparing to the relational database (i.e., MySQL; My Structured Query Language), the Fastbit database manifests distinctive advantages on indexing and querying performance. In a large scale database of 40 million records, the multi-field combined query response time of Fastbit database is about 15 times faster and fully meets the requirements of the NVST. Our study brings a new idea for massive astronomical data archiving and would contribute to the design of data management systems for other astronomical telescopes.

A Modeling methodology for NoSQL Key-Value databases

Directory of Open Access Journals (Sweden)

Gerardo ROSSEL

2017-08-01

Full Text Available In recent years, there has been an increasing interest in the field of non-relational databases. However, far too little attention has been paid to design methodology. Key-value data stores are an important component of a class of non-relational technologies that are grouped under the name of NoSQL databases. The aim of this paper is to propose a design methodology for this type of database that allows overcoming the limitations of the traditional techniques. The proposed methodology leads to a clean design that also allows for better data management and consistency.

Evaluation of Sub Query Performance in SQL Server

Science.gov (United States)

Oktavia, Tanty; Sujarwo, Surya

2014-03-01

The paper explores several sub query methods used in a query and their impact on the query performance. The study uses experimental approach to evaluate the performance of each sub query methods combined with indexing strategy. The sub query methods consist of in, exists, relational operator and relational operator combined with top operator. The experimental shows that using relational operator combined with indexing strategy in sub query has greater performance compared with using same method without indexing strategy and also other methods. In summary, for application that emphasized on the performance of retrieving data from database, it better to use relational operator combined with indexing strategy. This study is done on Microsoft SQL Server 2012.

Bluetooth security attacks comparative analysis, attacks, and countermeasures

CERN Document Server

Haataja, Keijo; Pasanen, Sanna; Toivanen, Pekka

2013-01-01

This overview of Bluetooth security examines network vulnerabilities and offers a comparative analysis of recent security attacks. It also examines related countermeasures and proposes a novel attack that works against all existing Bluetooth versions.

Mapeamentos conceituais entre os modelos relacional e NoSQL: Uma abordagem comparativa

Directory of Open Access Journals (Sweden)

Myller Claudino Freitas

2015-12-01

Full Text Available As atuais perspectivas computacionais, vindas sobretudo da Web, têm gerado novas demandas relacionadas ao gerenciamento de dados, principalmente em termos de volume, heterogeneidade e dinamismo. Uma tendência atual para facilitar o gerenciamento de dados na Web é a utilização dos denominados Sistemas NoSQL, que se diferenciam dos sistemas que seguem o Modelo Relacional por possibilitarem a implementação de estruturas mais flexíveis. Contudo, a maioria dos bancos de dados de aplicações existentes encontra-se em estruturas relacionais, e a migração de uma base que segue o Modelo Relacional para uma NoSQL requer grande esforço dos projetistas diante das diferenças existentes. Nesse panorama, este artigo descreve os modelos citados, em termos de conceitos e estruturas, e apresenta um estudo comparativo apontando possíveis mapeamentos conceituais entre eles. Aborda também, de forma comparativa, trabalhos de conversão de dados existentes, e indica desafios e possibilidades para novas pesquisas sobre o tema.

SQL by Example. 1. Application for High School Bachelor Examination

Directory of Open Access Journals (Sweden)

Lorentz JÄNTSCHI

2003-03-01

Full Text Available This paper main objective is to present SQL power of use of data management with heterogeneous cases of data classification. The article is based on a PHP application developed to manage a real situation of school-leaving examination in August 2003 at Braşov city, Romania at exams center no. 29, where the first author was president of the committee of the examination. The paper describes all used queries that was used for classifications, room repartitions, probes and investigation subject envelopes and finally, describe de final classification algorithm.

Práce s databází SQL SERVER 2005 v prostředí Framework.NET a programovacím jazyku C++/CLI

OpenAIRE

SÝKORA, Ondřej

2007-01-01

Obsah práce je zaměřen na vývoj aplikací pro platformu .NET Framework se zaměřením na jazyk C++/CLI v interakci s databází SQL Server 2005. Zaměření především na vývojové možnosti na straně SQL Server 2005 (T-SQL) a na přehled prostředků, které nabízí .NET Framework jako podporu k připojení databáze k aplikacím.

An Electronic Healthcare Record Server Implemented in PostgreSQL

Directory of Open Access Journals (Sweden)

Tony Austin

2015-01-01

Full Text Available This paper describes the implementation of an Electronic Healthcare Record server inside a PostgreSQL relational database without dependency on any further middleware infrastructure. The five-part international standard for communicating healthcare records (ISO EN 13606 is used as the information basis for the design of the server. We describe some of the features that this standard demands that are provided by the server, and other areas where assumptions about the durability of communications or the presence of middleware lead to a poor fit. Finally, we discuss the use of the server in two real-world scenarios including a commercial application.

Distinguishing attack and second-preimage attack on encrypted message authentication codes (EMAC)

Science.gov (United States)

Ariwibowo, Sigit; Windarta, Susila

2016-02-01

In this paper we show that distinguisher on CBC-MAC can be applied to Encrypted Message Authentication Code (EMAC) scheme. EMAC scheme in general is vulnerable to distinguishing attack and second preimage attack. Distinguishing attack simulation on AES-EMAC using 225 message modifications, no collision have been found. According to second preimage attack simulation on AES-EMAC no collision found between EMAC value of S1 and S2, i.e. no second preimage found for messages that have been tested. Based on distinguishing attack simulation on truncated AES-EMAC we found collision in every message therefore we cannot distinguish truncated AES-EMAC with random function. Second-preimage attack is successfully performed on truncated AES-EMAC.

Examining Learning Styles and Perceived Benefits of Analogical Problem Construction on SQL Knowledge Acquisition

Science.gov (United States)

Mills, Robert J.; Dupin-Bryant, Pamela A.; Johnson, John D.; Beaulieu, Tanya Y.

2015-01-01

The demand for Information Systems (IS) graduates with expertise in Structured Query Language (SQL) and database management is vast and projected to increase as "big data" becomes ubiquitous. To prepare students to solve complex problems in a data-driven world, educators must explore instructional strategies to help link prior knowledge…

Implementación de extensiones simbólicas al lenguaje SQL en servidores de bases de datos objeto-relacionales

Directory of Open Access Journals (Sweden)

Johnny Villalobos-Murillo

2015-07-01

Full Text Available Este artículo propone extender el lenguaje SQL al crear nuevos tipos de datos con sus respectivos operadores, que permitan crear y manipular objetos simbólicos directamente sobre las bases de datos. La funcionalidad de la extensión propuesta se valida realizando transformaciones de datos relacionales clásicos a objetos simbólicos en bases de datos de gran volumen. Para los usuarios no familiarizados con el lenguaje SQL, se construye una interfaz de usuario final, que facilita y guía el proceso de transformación simbólica.

A MySQL Based EPICS Archiver

International Nuclear Information System (INIS)

Slominski, Christopher

2009-01-01

Archiving a large fraction of the EPICS signals within the Jefferson Lab (JLAB) Accelerator control system is vital for postmortem and real-time analysis of the accelerator performance. This analysis is performed on a daily basis by scientists, operators, engineers, technicians, and software developers. Archiving poses unique challenges due to the magnitude of the control system. A MySQL Archiving system (Mya) was developed to scale to the needs of the control system; currently archiving 58,000 EPICS variables, updating at a rate of 11,000 events per second. In addition to the large collection rate, retrieval of the archived data must also be fast and robust. Archived data retrieval clients obtain data at a rate over 100,000 data points per second. Managing the data in a relational database provides a number of benefits. This paper describes an archiving solution that uses an open source database and standard off the shelf hardware to reach high performance archiving needs. Mya has been in production at Jefferson Lab since February of 2007.

A MySQL Based EPICS Archiver

Energy Technology Data Exchange (ETDEWEB)

Christopher Slominski

2009-10-01

Archiving a large fraction of the EPICS signals within the Jefferson Lab (JLAB) Accelerator control system is vital for postmortem and real-time analysis of the accelerator performance. This analysis is performed on a daily basis by scientists, operators, engineers, technicians, and software developers. Archiving poses unique challenges due to the magnitude of the control system. A MySQL Archiving system (Mya) was developed to scale to the needs of the control system; currently archiving 58,000 EPICS variables, updating at a rate of 11,000 events per second. In addition to the large collection rate, retrieval of the archived data must also be fast and robust. Archived data retrieval clients obtain data at a rate over 100,000 data points per second. Managing the data in a relational database provides a number of benefits. This paper describes an archiving solution that uses an open source database and standard off the shelf hardware to reach high performance archiving needs. Mya has been in production at Jefferson Lab since February of 2007.

PHP und MySQL der Web-Baukasten fur Einsteiger und Individualisten

CERN Document Server

Damaschke, Giesbert

2015-01-01

Sie haben schon eigene Webseiten gebaut und mochten diese nun mit Funktionen ausstatten, fur die Sie PHP und MySQL benotigen? Giesbert Damaschke zeigt Ihnen in diesem Buch, wie Sie das schaffen. Schritt fur Schritt erlernen Sie die benotigten Programmier- und Datenbankgrundlagen - immer im Rahmen von typischen dynamischen Anwendungen. So erheben und speichern Sie zum Beispiel mit Formularen Kontaktdaten, prufen Benutzereingaben, erstellen Menus, richten einen Besucherzahler ein, verschicken E-Mails mit PHP oder entwickeln sogar einen eigenen Blog. Alle Codebeispiele werden ausfuhrlich erklart,

Cooperating attackers in neural cryptography.

Science.gov (United States)

Shacham, Lanir N; Klein, Einat; Mislovaty, Rachel; Kanter, Ido; Kinzel, Wolfgang

2004-06-01

A successful attack strategy in neural cryptography is presented. The neural cryptosystem, based on synchronization of neural networks by mutual learning, has been recently shown to be secure under different attack strategies. The success of the advanced attacker presented here, called the "majority-flipping attacker," does not decay with the parameters of the model. This attacker's outstanding success is due to its using a group of attackers which cooperate throughout the synchronization process, unlike any other attack strategy known. An analytical description of this attack is also presented, and fits the results of simulations.

Modulární fulltextový vyhledávač pro MySQL

OpenAIRE

Baroš, Martin

2007-01-01

An objective of the project is to develop a modular fulltext search engine using MySQL database server. The search engine should operate with the Czech language's specific attributes. There is no endeavor to develop high quality modules solving linguistic problems. Project should provide interface and ability to plug-in (plug-out) next modules. Project's software platform is Unix, programming language C++.

Crony Attack: Strategic Attack’s Silver Bullet

Science.gov (United States)

2006-11-01

physical assets or financial assets. The form of crony attack that most closely resembles classic strategic attack is to deny, degrade, or destroy a money...February 1951. Reprinted in Airpower Studies Coursebook , Air Command and Staff College, Maxwell AFB, AL, 2002, 152–58. Hirsch, Michael. “NATO’s Game of

A middle layer solution to support ACID properties for NoSQL databases

Directory of Open Access Journals (Sweden)

Ayman E. Lotfy

2016-01-01

Full Text Available The main objective of this paper is to keep the strengths of RDBMSs as consistency and ACID properties and at the same time providing the benefits that inspired the NoSQL movement through a middle layer. The proposed middle layer uses a four phase commit protocol to ensure: the use of recent data, the use of the Pessimistic technique to forbid others dealing with data while it is used and the data updates residing in many locations to avoid the loss of data and disappointment. This mechanism is required, especially in distributed database application NoSQL based environment, because allowing conflicting transactions to continue not only wastes constrained computing power and decreases bandwidth, but also exacerbates conflicts. The middle layer keeps tracking all running transactions and manages with other layers the execution of concurrent transactions. This solution will help increase both of the scalability, and throughput. Finally, the experimental results show that the throughput of the system improves on increasing the number of middle layers in scenarios and the amount of updates to read in a transaction increases. Also the data are consistent with executing many transactions related to each other through updating the same data. The scalability and availability of the system is not affected while ensuring strict consistency.

Datu bāzes struktūras un datu tranformācija no relāciju datu bāzes uz NoSQL datu bāzi

OpenAIRE

Jērāne, Austra

2013-01-01

Bakalaura darbā „Datu bāzes struktūras un datu tranformācija no relāciju datu bāzes uz NoSQL datu bāzi” ir apkopota informācija par relāciju datu bāzu un NoSQL datu bāzu īpašībām un uz šī pētījuma pamata ir veikta dokumentu vadības sistēmas datu bāzes daļas tranformācija uz NoSQL datu bāzi.

Mastering phpMyAdmin 34 for Effective MySQL Management

CERN Document Server

Delisle, Marc

2012-01-01

This is a step-by-step instructional guide to get you started easily with phpMyAdmin and teach you to manage and perform database functions on your database. You will first be introduced to the interface and then build basic tables and perform both simple and advanced functions on the created database. The book progresses gradually and you will follow it best by reading it sequentially. If you are a developer, system administrator, or web designer who wants to manage MySQL databases and tables efficiently, then this book is for you. This book assumes that you are already wellacquainted with My

Technical Aspects of Interfacing MUMPS to an External SQL Relational Database Management System

Science.gov (United States)

Kuzmak, Peter M.; Walters, Richard F.; Penrod, Gail

1988-01-01

This paper describes an interface connecting InterSystems MUMPS (M/VX) to an external relational DBMS, the SYBASE Database Management System. The interface enables MUMPS to operate in a relational environment and gives the MUMPS language full access to a complete set of SQL commands. MUMPS generates SQL statements as ASCII text and sends them to the RDBMS. The RDBMS executes the statements and returns ASCII results to MUMPS. The interface suggests that the language features of MUMPS make it an attractive tool for use in the relational database environment. The approach described in this paper separates MUMPS from the relational database. Positioning the relational database outside of MUMPS promotes data sharing and permits a number of different options to be used for working with the data. Other languages like C, FORTRAN, and COBOL can access the RDBMS database. Advanced tools provided by the relational database vendor can also be used. SYBASE is an advanced high-performance transaction-oriented relational database management system for the VAX/VMS and UNIX operating systems. SYBASE is designed using a distributed open-systems architecture, and is relatively easy to interface with MUMPS.

SQL by Example. 2. PHP and MySQL Web Application based on Tanner-Whitehouse Standard

Directory of Open Access Journals (Sweden)

Sorana Daniela BOLBOACĂ

2003-03-01

Full Text Available In pediatrics, skeletal maturity, also called “bone age”, an expression of biological maturity of a child, is an important quantitative measure for the clinical diagnosis of endocrinological problems and growth disorders. Bone age is also used in monitoring children with hormone therapy. Skeletal maturity may be assessed by analysis of the ossification centers of the hand, foot, knee, elbow or pelvis but most often used is the hand. Skeletal maturity diagnosis is usually based on a visual comparison of a left-hand wrist radiograph with atlas patterns and the most common method used is the Tanner-Whitehouse method. With the help of PHP and MySQL a computer-assisted software we developed, based on Tanner-Whitehouse method, for bone age assessment of children and young people. The program is a client-server one and all data are saved into a database server. The program (1 display control radiographies, schematic drawings and specifications for every stage of hand bones until maturity stage, (2 allow user to select a maturity stage for every bone, (3 save and query personal data of patients, (4 save and query consultations and (5 make consultation reports. URL address: http://vl.academicdirect.ro/medical_informatics/bone_age/v1.2/

Composite Dos Attack Model

Directory of Open Access Journals (Sweden)

Simona Ramanauskaitė

2012-04-01

Full Text Available Preparation for potential threats is one of the most important phases ensuring system security. It allows evaluating possible losses, changes in the attack process, the effectiveness of used countermeasures, optimal system settings, etc. In cyber-attack cases, executing real experiments can be difficult for many reasons. However, mathematical or programming models can be used instead of conducting experiments in a real environment. This work proposes a composite denial of service attack model that combines bandwidth exhaustion, filtering and memory depletion models for a more real representation of similar cyber-attacks. On the basis of the introduced model, different experiments were done. They showed the main dependencies of the influence of attacker and victim’s properties on the success probability of denial of service attack. In the future, this model can be used for the denial of service attack or countermeasure optimization.

METODE RESET PASSWORD LEVEL ROOT PADA RELATIONAL DATABASE MANAGEMENT SYSTEM (RDBMS MySQL

Directory of Open Access Journals (Sweden)

Taqwa Hariguna

2011-08-01

Full Text Available Database merupakan sebuah hal yang penting untuk menyimpan data, dengan database organisasi akan mendapatkan keuntungan dalam beberapa hal, seperti kecepatan akases dan mengurangi penggunaan kertas, namun dengan implementasi database tidak jarang administrator database lupa akan password yang digunakan, hal ini akan mempersulit dalam proses penangganan database. Penelitian ini bertujuan untuk menggali cara mereset password level root pada relational database management system MySQL.

Heart Attack Recovery FAQs

Science.gov (United States)

... recommendations to make a full recovery. View an animation of a heart attack . Heart Attack Recovery Questions ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...

Análisis, desarrollo e implementación de auditoría en la base de datos Microsoft SQL Server 2005

OpenAIRE

Fernández Puerto, Clemente

2010-01-01

Tenemos como objetivo estudiar la monitorización y el rendimiento de una instalación de base de datos de Microsoft SQL Server 2005 y la aplicación de la nueva tecnología llamada Service Broker, integrada en el sistema gestor de base de datos y cuya principal función es proporcionar colas de mensajes. Además, queremos auditar el funcionamiento del SGBD Microsoft SQL Server 2005, creando una serie buenas prácticas que permitan obtener unos resultados que nos lleven a tomar las...

MS SQL Server 7.0 as a Platform for a Star Join Schema Data Warehouse

DEFF Research Database (Denmark)

Sørensen, Jens Otto; Alnor, Karl

1998-01-01

In this paper we construct a Star Join Schema and show how this schema can be created using the basic tools delivered with SQL Server 7.0. Major objectives are to keep the operational database unchanged so that data loading can be done without disturbing the business logic of the operational...

Seven Deadliest Wireless Technologies Attacks

CERN Document Server

Haines, Brad

2010-01-01

How can an information security professional keep up with all of the hacks, attacks, and exploits? One way to find out what the worst of the worst are is to read the seven books in our Seven Deadliest Attacks Series. Not only do we let you in on the anatomy of these attacks but we also tell you how to get rid of them and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve. Attacks featured in this book include:Bluetooth AttacksCredit Card, Access Card, and Passport AttacksBad Encryption

Blocking of Brute Force Attack

OpenAIRE

M.Venkata Krishna Reddy

2012-01-01

A common threat Web developers face is a password-guessing attack known as a brute-force attack. A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works. If your Web site requires user authentication, you are a good target for a brute-force attack. An attacker can always discover a password through a brute-force attack, but the downside is that it co...

Testing the performance of NoSQL databases via the Database Benchmark tool / Тестирование возможностей базы данных NoSQL с помощью Database Benchmark инструмента / Testiranje performansi NoSQL baza podataka pomoću database benchmark alata

Directory of Open Access Journals (Sweden)

Lazar J. Krstić

2018-07-01

Full Text Available NoSQL is often used as a successful alternative to relational databases, especially when it is necessary to provide adequate system dimensioning, usage of a variety of data types and high efficiency at a low cost for maintaining consistency. The work is conceived in a manner that covers the general concept of a database, i.e. the concept of relational and nonrelational databases, which are substantiated by all important aspects and in an appropriate context. After analyzing the types of NoSQL databases, emphasis is placed on explaining their advantages and disadvantages, as well as on an overview of the NoSQL and SQL database comparison. The final part of the paper presents the results of testing the performance of NoSQL databases, obtained though the Database Benchmark tool. The aim of the paper is to highlight all the details of NoSQL databases in order to establish the justification of their application in practice. / База данных NoSQL часто используется в качестве удачной альтернативы реляционным базам данных, особенно в тех случаях, когда необходимо обеспечить соответствующие размеры системы, применение данных различных типов и высокую эффективность по низкой стоимости хранения и поддержки консистентности данных. В данной работе представлено общее определение базы данных, описаны различные виды баз данных как реляционных, так и нереляционных, выявлены их преимущества и недостатки в соответствующем контексте. Выявленные преимущества и недостатки баз данных NoSQL и SQL �

GEOMAGIA50: An archeointensity database with PHP and MySQL

Science.gov (United States)

Korhonen, K.; Donadini, F.; Riisager, P.; Pesonen, L. J.

2008-04-01

The GEOMAGIA50 database stores 3798 archeomagnetic and paleomagnetic intensity determinations dated to the past 50,000 years. It also stores details of the measurement setup for each determination, which are used for ranking the data according to prescribed reliability criteria. The ranking system aims to alleviate the data reliability problem inherent in this kind of data. GEOMAGIA50 is based on two popular open source technologies. The MySQL database management system is used for storing the data, whereas the functionality and user interface are provided by server-side PHP scripts. This technical brief gives a detailed description of GEOMAGIA50 from a technical viewpoint.

Solidarity under Attack

DEFF Research Database (Denmark)

Meret, Susi; Goffredo, Sergio

2017-01-01

https://www.opendemocracy.net/can-europe-make-it/susi-meret-sergio-goffredo/solidarity-under-attack......https://www.opendemocracy.net/can-europe-make-it/susi-meret-sergio-goffredo/solidarity-under-attack...

Attack surfaces

DEFF Research Database (Denmark)

Gruschka, Nils; Jensen, Meiko

2010-01-01

The new paradigm of cloud computing poses severe security risks to its adopters. In order to cope with these risks, appropriate taxonomies and classification criteria for attacks on cloud computing are required. In this work-in-progress paper we present one such taxonomy based on the notion...... of attack surfaces of the cloud computing scenario participants....

Pengembangan Sistem Informasi Akuntansi Dan Pengelolaan Keuangan (Siapkan Modul Administrasi Berteknologi Java Dan DBMS PostgreSql

Directory of Open Access Journals (Sweden)

Wahyudiono Wahyudiono

2012-09-01

Full Text Available Direktorat Jenderal Perbendaharaan Negara telah meluncurkan berbagai jenis aplikasi dalam rangka penatausahaan transaksi satuan kerjanya (satker. Tujuannya adalah menghasilkan laporan keadaan kas dan realisasi anggaran yang akurat dan dapat dipertanggungjawabkan. Beberapa aplikasi untuk membantu satker dalam menatausahakan transaksi yang berhubungan dengan uang negara sudah disediakan. Namun aplikasi-aplikasi yang ada tersebut belum terintegrasi antara satu dengan lainnya. Hal tersebut tentu saja menjadi sebuah penghambat bagi pencapaian efisiensi dan efektifitas pengelolaan data dan transaksi. Pada pengerjaan tugas akhir ini dikembangkan sebuah Aplikasi Sistem Informasi dan Akuntansi Keuangan Negara (SIAPKAN yang dirancang dengan tujuan dapat mengintegrasikan semua aplikasi yang digunakan oleh satker. SIAPKAN merupakan aplikasi berbasis Web berteknologi bahasa pemrograman Java (JavaServlet dan JSP dan sistem manajemen basis data PostgreSQL. Dengan menggunakan bahasa pemrograman Java dan Database Management System (DBMS PostgreSQL, modul Administrasi yang menjadi fokus utama tugas akhir, menjadi gerbang awal dari aplikasi SIAPKAN. Melalui modul Administrasi inilah kebutuhan referensi tiap modul disediakan.

Alternatives to relational databases in precision medicine: Comparison of NoSQL approaches for big data storage using supercomputers

Science.gov (United States)

Velazquez, Enrique Israel

Improvements in medical and genomic technologies have dramatically increased the production of electronic data over the last decade. As a result, data management is rapidly becoming a major determinant, and urgent challenge, for the development of Precision Medicine. Although successful data management is achievable using Relational Database Management Systems (RDBMS), exponential data growth is a significant contributor to failure scenarios. Growing amounts of data can also be observed in other sectors, such as economics and business, which, together with the previous facts, suggests that alternate database approaches (NoSQL) may soon be required for efficient storage and management of big databases. However, this hypothesis has been difficult to test in the Precision Medicine field since alternate database architectures are complex to assess and means to integrate heterogeneous electronic health records (EHR) with dynamic genomic data are not easily available. In this dissertation, we present a novel set of experiments for identifying NoSQL database approaches that enable effective data storage and management in Precision Medicine using patients' clinical and genomic information from the cancer genome atlas (TCGA). The first experiment draws on performance and scalability from biologically meaningful queries with differing complexity and database sizes. The second experiment measures performance and scalability in database updates without schema changes. The third experiment assesses performance and scalability in database updates with schema modifications due dynamic data. We have identified two NoSQL approach, based on Cassandra and Redis, which seems to be the ideal database management systems for our precision medicine queries in terms of performance and scalability. We present NoSQL approaches and show how they can be used to manage clinical and genomic big data. Our research is relevant to the public health since we are focusing on one of the main

Study guide for 1Z0-071 Oracle Database 12c SQL : Oracle Certification Prep

CERN Document Server

Morris, Matthew

2016-01-01

This Study Guide is targeted at IT professionals who are working towards becoming an Oracle Database 12c SQL Certified Associate. The book provides information covering all of the exam topics for the Oracle certification exam: "1Z0-071: Oracle Database 12c SQL". The books in the Oracle Certification Prep series are built in lockstep with the test topics provided by Oracle Education's certification program. Each book is intended to provide the information that will be tested in a clean and concise format. The guides introduce the subject you'll be tested on, follow that with the information you'll need to know for it, and then move on to the next topic. They contain no drills or unrealistic self-tests to bump the page count without adding value. The series is intended to provide a concentrated source of exam information that is compact enough to be read through multiple times. This series is ideal for experienced Oracle professionals that are familiar with the topic being tested, but want a means to rapidly re...

Seven Deadliest Microsoft Attacks

CERN Document Server

Kraus, Rob; Borkin, Mike; Alpern, Naomi

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting Microsoft products? Then you need Seven Deadliest Microsoft Attacks. This book pinpoints the most dangerous hacks and exploits specific to Microsoft applications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Windows Operating System-Password AttacksActive Directory-Escalat

Spoofing cyber attack detection in probe-based traffic monitoring systems using mixed integer linear programming

KAUST Repository

Canepa, Edward S.

2013-01-01

Traffic sensing systems rely more and more on user generated (insecure) data, which can pose a security risk whenever the data is used for traffic flow control. In this article, we propose a new formulation for detecting malicious data injection in traffic flow monitoring systems by using the underlying traffic flow model. The state of traffic is modeled by the Lighthill-Whitham- Richards traffic flow model, which is a first order scalar conservation law with concave flux function. Given a set of traffic flow data, we show that the constraints resulting from this partial differential equation are mixed integer linear inequalities for some decision variable. We use this fact to pose the problem of detecting spoofing cyber-attacks in probe-based traffic flow information systems as mixed integer linear feasibility problem. The resulting framework can be used to detect spoofing attacks in real time, or to evaluate the worst-case effects of an attack offline. A numerical implementation is performed on a cyber-attack scenario involving experimental data from the Mobile Century experiment and the Mobile Millennium system currently operational in Northern California. © 2013 IEEE.

Spoofing cyber attack detection in probe-based traffic monitoring systems using mixed integer linear programming

KAUST Repository

Canepa, Edward S.

2013-09-01

Traffic sensing systems rely more and more on user generated (insecure) data, which can pose a security risk whenever the data is used for traffic flow control. In this article, we propose a new formulation for detecting malicious data injection in traffic flow monitoring systems by using the underlying traffic flow model. The state of traffic is modeled by the Lighthill- Whitham-Richards traffic flow model, which is a first order scalar conservation law with concave flux function. Given a set of traffic flow data generated by multiple sensors of different types, we show that the constraints resulting from this partial differential equation are mixed integer linear inequalities for a specific decision variable. We use this fact to pose the problem of detecting spoofing cyber attacks in probe-based traffic flow information systems as mixed integer linear feasibility problem. The resulting framework can be used to detect spoofing attacks in real time, or to evaluate the worst-case effects of an attack offliine. A numerical implementation is performed on a cyber attack scenario involving experimental data from the Mobile Century experiment and the Mobile Millennium system currently operational in Northern California. © American Institute of Mathematical Sciences.

Bases de données NoSQL et Big Data concevoir des bases de données pour le Big Data : cours et travaux pratiques niveau B

CERN Document Server

Lacomme, Philippe; Phan, Raksmey

2014-01-01

Les bases de données NoSQL, ou non relationnelles, procèdent d'une logique différente du modèle SQL pour stocker de très grands volumes de données de natures variées. Elles s'affranchissent des contraintes classiques et fournissent une architecture nouvelle, souple et performante. Le Big Data rassemble des technologies répondant aux 4 V : Volume important, Variété d'informations, Vélocité du traitement, Variabilité des sources. L'ouvrage s'emploie à rendre ces techniques accessibles. Il propose une présentation synthétique des systèmes de bases de données NoSQL dans une approche transversale sur plusieurs plateformes : NetBeans et Eclipse. Le propos est constamment illustré par de nombreux exemples implémentés sous forme de travaux pratiques utilisant : Oracle, MongoDB, Cassandra, Neo4j, Redi et Hbase. Des vidéos et des compléments gratuits sont disponibles sur le site web du livre : http://www.isima.fr/~lacomme/NoSQL/."

SQL Collaborative Learning Framework Based on SOA

Science.gov (United States)

Armiati, S.; Awangga, RM

2018-04-01

The research is focused on designing collaborative learning-oriented framework fulfilment service in teaching SQL Oracle 10g. Framework built a foundation of academic fulfilment service performed by a layer of the working unit in collaboration with Program Studi Manajemen Informatika. In the design phase defined what form of collaboration models and information technology proposed for Program Studi Manajemen Informatika by using a framework of collaboration inspired by the stages of modelling a Service Oriented Architecture (SOA). Stages begin with analyzing subsystems, this activity is used to determine subsystem involved and reliance as well as workflow between the subsystems. After the service can be identified, the second phase is designing the component specifications, which details the components that are implemented in the service to include the data, rules, services, profiles can be configured, and variations. The third stage is to allocate service, set the service to the subsystems that have been identified, and its components. Implementation framework contributes to the teaching guides and application architecture that can be used as a landing realize an increase in service by applying information technology.

Whispering through DDoS attack

OpenAIRE

Miralem Mehic; Jiri Slachta; Miroslav Voznak

2016-01-01

Denial of service (DoS) attack is an attempt of the attacker to disable victim's machine by depleting network or computing resources. If this attack is performed with more than one machine, it is called distributed denial of service (DDoS) attack. Covert channels are those channels which are used for information transmission even though they are neither designed nor intended to transfer information at all. In this article, we investigated the possibility of using of DDoS attack for purposes o...

Assessment and testing of industrial devices robustness against cyber security attacks

International Nuclear Information System (INIS)

Tilaro, F.; Copy, B.

2012-01-01

CERN (European Organization for Nuclear Research),like any organization, needs to achieve the conflicting objectives of connecting its operational network to Internet while at the same time keeping its industrial control systems secure from external and internal cyber attacks. Devices robustness represents a key link in the defense-in-depth concept as some attacks will inevitably penetrate security boundaries and thus require further protection measures. CERN - in collaboration with Siemens - has designed and implemented a dedicated working environment, the Test-bench for Robustness of Industrial Equipment. Such tests attempt to detect possible anomalies by exploiting corrupt communication channels and manipulating the normal behavior of the communication protocols, in the same way as a cyber attacker would proceed. Our approach consists of analyzing protocol implementations by injecting malformed PDUs (Protocol Data Unit) to corrupt the normal behaviour of the system. As a PDU typically has many fields, the number of possible syntactically faulty PDUs grows exponentially with the number of fields. In this document, we proposed a strategy to explore this huge test domain using a hybrid approach of fuzzing and syntax techniques, specifically developed to evaluate industrial device communication robustness. So far, not all the tests can be integrated into automatic tools, human analysis and management is necessary to discover and investigate specific possible failures

Survey of Machine Learning Methods for Database Security

Science.gov (United States)

Kamra, Ashish; Ber, Elisa

Application of machine learning techniques to database security is an emerging area of research. In this chapter, we present a survey of various approaches that use machine learning/data mining techniques to enhance the traditional security mechanisms of databases. There are two key database security areas in which these techniques have found applications, namely, detection of SQL Injection attacks and anomaly detection for defending against insider threats. Apart from the research prototypes and tools, various third-party commercial products are also available that provide database activity monitoring solutions by profiling database users and applications. We present a survey of such products. We end the chapter with a primer on mechanisms for responding to database anomalies.

Protecting Cryptographic Memory against Tampering Attack

DEFF Research Database (Denmark)

Mukherjee, Pratyay

In this dissertation we investigate the question of protecting cryptographic devices from tampering attacks. Traditional theoretical analysis of cryptographic devices is based on black-box models which do not take into account the attacks on the implementations, known as physical attacks. In prac......In this dissertation we investigate the question of protecting cryptographic devices from tampering attacks. Traditional theoretical analysis of cryptographic devices is based on black-box models which do not take into account the attacks on the implementations, known as physical attacks....... In practice such attacks can be executed easily, e.g. by heating the device, as substantiated by numerous works in the past decade. Tampering attacks are a class of such physical attacks where the attacker can change the memory/computation, gains additional (non-black-box) knowledge by interacting...... with the faulty device and then tries to break the security. Prior works show that generically approaching such problem is notoriously difficult. So, in this dissertation we attempt to solve an easier question, known as memory-tampering, where the attacker is allowed tamper only with the memory of the device...

Seven deadliest USB attacks

CERN Document Server

Anderson, Brian

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting USB technology? Then you need Seven Deadliest USB Attacks. This book pinpoints the most dangerous hacks and exploits specific to USB, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: USB Hacksaw USB Switchblade USB Based Virus/Malicous Code Launch USB Device Overflow RAMdum

Seven Deadliest Unified Communications Attacks

CERN Document Server

York, Dan

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting Unified Communications technology? Then you need Seven Deadliest Unified Communication Attacks. This book pinpoints the most dangerous hacks and exploits specific to Unified Communications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks featured in this book include: UC Ecosystem Attacks Insecure Endpo

Invisible Trojan-horse attack.

Science.gov (United States)

Sajeed, Shihan; Minshull, Carter; Jain, Nitin; Makarov, Vadim

2017-08-21

We demonstrate the experimental feasibility of a Trojan-horse attack that remains nearly invisible to the single-photon detectors employed in practical quantum key distribution (QKD) systems, such as Clavis2 from ID Quantique. We perform a detailed numerical comparison of the attack performance against Scarani-Ac´ın-Ribordy-Gisin (SARG04) QKD protocol at 1924 nm versus that at 1536 nm. The attack strategy was proposed earlier but found to be unsuccessful at the latter wavelength, as reported in N. Jain et al., New J. Phys. 16, 123030 (2014). However at 1924 nm, we show experimentally that the noise response of the detectors to bright pulses is greatly reduced, and show by modeling that the same attack will succeed. The invisible nature of the attack poses a threat to the security of practical QKD if proper countermeasures are not adopted.

Whispering through DDoS attack

Directory of Open Access Journals (Sweden)

Miralem Mehic

2016-03-01

Full Text Available Denial of service (DoS attack is an attempt of the attacker to disable victim's machine by depleting network or computing resources. If this attack is performed with more than one machine, it is called distributed denial of service (DDoS attack. Covert channels are those channels which are used for information transmission even though they are neither designed nor intended to transfer information at all. In this article, we investigated the possibility of using of DDoS attack for purposes of hiding data or concealing the existing covert channel. In addition, in this paper we analyzed the possibility of detection of such covert communication with the well-known statistical method. Also, we proposed the coordination mechanisms of the attack which may be used. A lot of research has been done in order to describe and prevent DDoS attacks, yet research on steganography on this field is still scarce.

Shark: SQL and Analytics with Cost-Based Query Optimization on Coarse-Grained Distributed Memory

Science.gov (United States)

2014-01-13

RDBMS and contains a database (often MySQL or Derby) with a namespace for tables, table metadata and partition information. Table data is stored in an...serialization/deserialization) Java interface implementations with corresponding object inspectors. The Hive driver controls the processing of queries, coordinat...native API, RDD operations are invoked through a functional interface similar to DryadLINQ [32] in Scala, Java or Python. For example, the Scala code for

Heart attack - discharge

Science.gov (United States)

... and lifestyle Cholesterol - drug treatment Controlling your high blood pressure Deep vein thrombosis - discharge Dietary fats explained Fast food tips Heart attack - discharge Heart attack - what to ask your doctor Heart bypass ... pacemaker - discharge High blood pressure - what to ask your doctor How to read ...

Attack Trees for Practical Security Assessment: Ranking of Attack Scenarios with ADTool 2.0

NARCIS (Netherlands)

Gadyatskaya, Olga; Jhawar, Ravi; Kordy, P.T.; Lounis, Karim; Mauw, Sjouke; Trujillo-Rasua, Rolando

2016-01-01

In this tool demonstration paper we present the ADTool2.0: an open-source software tool for design, manipulation and analysis of attack trees. The tool supports ranking of attack scenarios based on quantitative attributes entered by the user; it is scriptable; and it incorporates attack trees with

MySQL/PHP web database applications for IPAC proposal submission

Science.gov (United States)

Crane, Megan K.; Storrie-Lombardi, Lisa J.; Silbermann, Nancy A.; Rebull, Luisa M.

2008-07-01

The Infrared Processing and Analysis Center (IPAC) is NASA's multi-mission center of expertise for long-wavelength astrophysics. Proposals for various IPAC missions and programs are ingested via MySQL/PHP web database applications. Proposers use web forms to enter coversheet information and upload PDF files related to the proposal. Upon proposal submission, a unique directory is created on the webserver into which all of the uploaded files are placed. The coversheet information is converted into a PDF file using a PHP extension called FPDF. The files are concatenated into one PDF file using the command-line tool pdftk and then forwarded to the review committee. This work was performed at the California Institute of Technology under contract to the National Aeronautics and Space Administration.

CACHING DATA STORED IN SQL SERVER FOR OPTIMIZING THE PERFORMANCE

Directory of Open Access Journals (Sweden)

Demian Horia

2016-12-01

Full Text Available This paper present the architecture of web site with different techniques used for optimize the performance of loading the web content. The architecture presented here is for e-commerce site developed on windows with MVC, IIS and Micosoft SQL Server. Caching the data is one technique used by the browsers, by the web servers itself or by proxy servers. Caching the data is made without the knowledge of users and need to provide to user the more recent information from the server. This means that caching mechanism has to be aware of any modification of data on the server. There are different information’s presented in e-commerce site related to products like images, code of product, description, properties or stock

The work-averse cyber attacker model : theory and evidence from two million attack signatures

NARCIS (Netherlands)

Allodi, L.; Massacci, F.; Williams, J.

The typical cyber attacker is assumed to be all powerful and to exploit all possible vulnerabilities. In this paper we present, and empirically validate, a novel and more realistic attacker model. The intuition of our model is that an attacker will optimally choose whether to act and weaponize a new

Workstation Analytics in Distributed Warfighting Experimentation: Results from Coalition Attack Guidance Experiment 3A

Science.gov (United States)

2014-06-01

central location. Each of the SQLite databases are converted and stored in one MySQL database and the pcap files are parsed to extract call information...from the specific communications applications used during the experiment. This extracted data is then stored in the same MySQL database. With all...rhythm of the event. Figure 3 demonstrates the application usage over the course of the experiment for the EXDIR. As seen, the EXDIR spent the majority

Perancangan Sistem Informasi SMA Negeri 1 Babalan Dengan Menggunakan Pemrograman PHP Dan MySQL

OpenAIRE

Yulita, Devi

2014-01-01

Tulisan ini bertujuan untuk membangun suatu sistem informasi pada SMA Negeri 1 Babalan. Sistem ini dikembangkan dengan menggunakan perangkat lunak PHP, MySQL, Apache, dan Mozilla Firefox juga software pembantu lainnya seperti Adobe Dreamweaver CS5. Tujuan dari sistem informasi ini adalah untuk menyajikan informasi profil sekolah, visi, misi dan tujuan, daftar siswa, daftar guru. Merancang sebuah website untuk membantu siswa dalam memperoleh informasi SMA Negeri 1 Babalan dan website ini dapat...

Network Protection Against DDoS Attacks

Directory of Open Access Journals (Sweden)

Petr Dzurenda

2015-03-01

Full Text Available The paper deals with possibilities of the network protection against Distributed Denial of Service attacks (DDoS. The basic types of DDoS attacks and their impact on the protected network are presented here. Furthermore, we present basic detection and defense techniques thanks to which it is possible to increase resistance of the protected network or device against DDoS attacks. Moreover, we tested the ability of current commercial Intrusion Prevention Systems (IPS, especially Radware DefensePro 6.10.00 product against the most common types of DDoS attacks. We create five scenarios that are varied in type and strength of the DDoS attacks. The attacks intensity was much greater than the normal intensity of the current DDoS attacks.

Attack Tree Generation by Policy Invalidation

DEFF Research Database (Denmark)

Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, Rene Rydhof

2015-01-01

through brainstorming of experts. In this work we formalize attack tree generation including human factors; based on recent advances in system models we develop a technique to identify possible attacks analytically, including technical and human factors. Our systematic attack generation is based......Attacks on systems and organisations increasingly exploit human actors, for example through social engineering, complicating their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified...... on invalidating policies in the system model by identifying possible sequences of actions that lead to an attack. The generated attacks are precise enough to illustrate the threat, and they are general enough to hide the details of individual steps....

A parallel model for SQL astronomical databases based on solid state storage. Application to the Gaia Archive PostgreSQL database

Science.gov (United States)

González-Núñez, J.; Gutiérrez-Sánchez, R.; Salgado, J.; Segovia, J. C.; Merín, B.; Aguado-Agelet, F.

2017-07-01

Query planning and optimisation algorithms in most popular relational databases were developed at the times hard disk drives were the only storage technology available. The advent of higher parallel random access capacity devices, such as solid state disks, opens up the way for intra-machine parallel computing over large datasets. We describe a two phase parallel model for the implementation of heavy analytical processes in single instance PostgreSQL astronomical databases. This model is particularised to fulfil two frequent astronomical problems, density maps and crossmatch computation with Quad Tree Cube (Q3C) indexes. They are implemented as part of the relational databases infrastructure for the Gaia Archive and performance is assessed. Improvement of a factor 28.40 in comparison to sequential execution is observed in the reference implementation for a histogram computation. Speedup ratios of 3.7 and 4.0 are attained for the reference positional crossmatches considered. We observe large performance enhancements over sequential execution for both CPU and disk access intensive computations, suggesting these methods might be useful with the growing data volumes in Astronomy.

Data mining approach to web application intrusions detection

Science.gov (United States)

Kalicki, Arkadiusz

2011-10-01

Web applications became most popular medium in the Internet. Popularity, easiness of web application script languages and frameworks together with careless development results in high number of web application vulnerabilities and high number of attacks performed. There are several types of attacks possible because of improper input validation: SQL injection Cross-site scripting, Cross-Site Request Forgery (CSRF), web spam in blogs and others. In order to secure web applications intrusion detection (IDS) and intrusion prevention systems (IPS) are being used. Intrusion detection systems are divided in two groups: misuse detection (traditional IDS) and anomaly detection. This paper presents data mining based algorithm for anomaly detection. The principle of this method is the comparison of the incoming HTTP traffic with a previously built profile that contains a representation of the "normal" or expected web application usage sequence patterns. The frequent sequence patterns are found with GSP algorithm. Previously presented detection method was rewritten and improved. Some tests show that the software catches malicious requests, especially long attack sequences, results quite good with medium length sequences, for short length sequences must be complemented with other methods.

Terrorists and Suicide Attacks

National Research Council Canada - National Science Library

Cronin, Audrey K

2003-01-01

Suicide attacks by terrorist organizations have become more prevalent globally, and assessing the threat of suicide attacks against the United States and its interests at home and abroad has therefore...

Stochastic Model of TCP SYN Attacks

Directory of Open Access Journals (Sweden)

Simona Ramanauskaitė

2011-08-01

Full Text Available A great proportion of essential services are moving into internet space making the threat of DoS attacks even more actual. To estimate the real risk of some kind of denial of service (DoS attack in real world is difficult, but mathematical and software models make this task easier. In this paper we overview the ways of implementing DoS attack models and offer a stochastic model of SYN flooding attack. It allows evaluating the potential threat of SYN flooding attacks, taking into account both the legitimate system flow as well as the possible attack power. At the same time we can assess the effect of such parameters as buffer capacity, open connection storage in the buffer or filte­ring efficiency on the success of different SYN flooding attacks. This model can be used for other type of memory depletion denial of service attacks.Article in Lithuanian

Attack Trees with Sequential Conjunction

NARCIS (Netherlands)

Jhawar, Ravi; Kordy, Barbara; Mauw, Sjouke; Radomirović, Sasa; Trujillo-Rasua, Rolando

2015-01-01

We provide the first formal foundation of SAND attack trees which are a popular extension of the well-known attack trees. The SAND at- tack tree formalism increases the expressivity of attack trees by intro- ducing the sequential conjunctive operator SAND. This operator enables the modeling of

Heart attack first aid

Science.gov (United States)

First aid - heart attack; First aid - cardiopulmonary arrest; First aid - cardiac arrest ... A heart attack occurs when the blood flow that carries oxygen to the heart is blocked. The heart muscle ...

Investigating the Possibility to Individualize Asthma Attack Therapy Based on Attack Severity and Patient Characteristics

Directory of Open Access Journals (Sweden)

Sárkány Zoltán

2016-03-01

Full Text Available Introduction: The objective of this study was to investigate with the help of a computerized simulation model whether the treatment of an acute asthma attack can be individualized based on the severity of the attack and the characteristics of the patient. Material and Method: A stochastic lung model was used to simulate the deposition of 1 nm - 10 μm particles during a mild and a moderate asthma attack. Breathing parameters were varied to maximize deposition, and simulation results were compared with those obtained in the case of a severe asthma attack. In order to investigate the effect of height on the deposition of inhaled particles, another series of simulations was carried out with identical breathing parameters, comparing patient heights of 155 cm, 175 cm and 195 cm. Results: The optimization process yielded an increase in the maximum deposition values of around 6-7% for each type of investigated asthma attack, and the difference between attacks of different degree of severity was around 5% for both the initial and the optimized values, a higher degree of obstruction increasing the amount of deposited particles. Conclusions: Our results suggest that the individualization of asthma attack treatment cannot be based on particles of different size, as the highest deposited fraction in all three types of attacks can be obtained using 0.01 μm particles. The use of a specific set of breathing parameters yields a difference between a mild and a moderate, as well as a moderate and a severe asthma attack of around 5%.

Analytical Characterization of Internet Security Attacks

Science.gov (United States)

Sellke, Sarah H.

2010-01-01

Internet security attacks have drawn significant attention due to their enormously adverse impact. These attacks includes Malware (Viruses, Worms, Trojan Horse), Denial of Service, Packet Sniffer, and Password Attacks. There is an increasing need to provide adequate defense mechanisms against these attacks. My thesis proposal deals with analytical…

Anger attacks in obsessive compulsive disorder

Directory of Open Access Journals (Sweden)

Nitesh Prakash Painuly

2011-01-01

Full Text Available Background: Research on anger attacks has been mostly limited to depression, and only a few studies have focused on anger attacks in obsessive compulsive disorder. Materials and Methods: In a cross-sectional study all new obsessive compulsive disorder patients aged 20-60 years attending an outpatient clinic were assessed using the anger attack questionnaire, irritability, depression and anxiety scale (for the direction of the aggressive behavior and quality of life (QOL. Results: The sample consisted of 42 consecutive subjects with obsessive compulsive disorder, out of which 21 (50% had anger attacks. The obsessive compulsive disorder subjects with and without anger attacks did not show significant differences in terms of sociodemographic variables, duration of illness, treatment, and family history. However, subjects with anger attacks had significantly higher prevalence of panic attacks and comorbid depression. Significantly more subjects with anger attacks exhibited aggressive acts toward spouse, parents, children, and other relatives in the form of yelling and threatening to hurt, trying to hurt, and threatening to leave. However, the two groups did not differ significantly in terms of QOL, except for the psychological domain being worse in the subjects with anger attacks. Conclusion: Anger attacks are present in half of the patients with obsessive compulsive disorder, and they correlate with the presence of comorbid depression.

PolarDB – Infrastructure for Specialized NoSQL Datebases and DBMS

Directory of Open Access Journals (Sweden)

A. G. Marchuk

2014-01-01

Full Text Available The report presents a new system focused on the creation of specialized databases and database management systems. Based on the analysis of various NoSQL solutions there have been formulated some principles of such a system. The main features of the approach are: a the infrastructure provides a flexible system of type definitions which allow to create data structures based on different paradigms; b different forms of structured data support and mapping to the file system are used in the infrastructure. Experiments were provided with the implementation of RDF graphs, relational tables, name tables, object-relational mappings. The approach allows to solve some problems of technologies creation for work with Big Data.

Seven Deadliest Social Network Attacks

CERN Document Server

Timm, Carl

2010-01-01

Do you need to keep up with the latest hacks, attacks, and exploits effecting social networks? Then you need Seven Deadliest Social Network Attacks. This book pinpoints the most dangerous hacks and exploits specific to social networks like Facebook, Twitter, and MySpace, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable. Attacks detailed in this book include: Social Networking Infrastruct

Pericarditis - after heart attack

Science.gov (United States)

... include: A previous heart attack Open heart surgery Chest trauma A heart attack that has affected the thickness of your heart muscle Symptoms Symptoms include: Anxiety Chest pain from the swollen pericardium rubbing on the ...

Nitrocobinamide, a New Cyanide Antidote That Can Be Administered by Intramuscular Injection

Science.gov (United States)

Chan, Adriano; Jiang, Jingjing; Fridman, Alla; Guo, Ling T.; Shelton, G. Diane; Liu, Ming-Tao; Green, Carol; Haushalter, Kristofer J.; Patel, Hemal H.; Lee, Jangwoen; Yoon, David; Burney, Tanya; Mukai, David; Mahon, Sari B.; Brenner, Matthew; Pilz, Renate B.; Boss, Gerry R.

2015-01-01

Currently available cyanide antidotes must be given by intravenous injection over 5–10 min, making them illsuited for treating many people in the field, as could occur in a major fire, an industrial accident, or a terrorist attack. These scenarios call for a drug that can be given quickly, e.g., by intramuscular injection. We have shown that aquohydroxocobinamide is a potent cyanide antidote in animal models of cyanide poisoning, but it is unstable in solution and poorly absorbed after intramuscular injection. Here we show that adding sodium nitrite to cobinamide yields a stable derivative (referred to as nitrocobinamide) that rescues cyanide-poisoned mice and rabbits when given by intramuscular injection. We also show that the efficacy of nitrocobinamide is markedly enhanced by coadministering sodium thiosulfate (reducing the total injected volume), and we calculate that ∼1.4 mL each of nitrocobinamide and sodium thiosulfate should rescue a human from a lethal cyanide exposure. PMID:25650735

WILD PIG ATTACKS ON HUMANS

Energy Technology Data Exchange (ETDEWEB)

Mayer, J.

2013-04-12

Attacks on humans by wild pigs (Sus scrofa) have been documented since ancient times. However, studies characterizing these incidents are lacking. In an effort to better understand this phenomenon, information was collected from 412 wild pig attacks on humans. Similar to studies of large predator attacks on humans, data came from a variety of sources. The various attacks compiled occurred in seven zoogeographic realms. Most attacks occurred within the species native range, and specifically in rural areas. The occurrence was highest during the winter months and daylight hours. Most happened under non-hunting circumstances and appeared to be unprovoked. Wounded animals were the chief cause of these attacks in hunting situations. The animals involved were typically solitary, male and large in size. The fate of the wild pigs involved in these attacks varied depending upon the circumstances, however, most escaped uninjured. Most human victims were adult males traveling on foot and alone. The most frequent outcome for these victims was physical contact/mauling. The severity of resulting injuries ranged from minor to fatal. Most of the mauled victims had injuries to only one part of their bodies, with legs/feet being the most frequent body part injured. Injuries were primarily in the form of lacerations and punctures. Fatalities were typically due to blood loss. In some cases, serious infections or toxemia resulted from the injuries. Other species (i.e., pets and livestock) were also accompanying some of the humans during these attacks. The fates of these animals varied from escaping uninjured to being killed. Frequency data on both non-hunting and hunting incidents of wild pig attacks on humans at the Savannah River Site, South Carolina, showed quantitatively that such incidents are rare.

Cache timing attacks on recent microarchitectures

DEFF Research Database (Denmark)

Andreou, Alexandres; Bogdanov, Andrey; Tischhauser, Elmar Wolfgang

2017-01-01

Cache timing attacks have been known for a long time, however since the rise of cloud computing and shared hardware resources, such attacks found new potentially devastating applications. One prominent example is S$A (presented by Irazoqui et al at S&P 2015) which is a cache timing attack against...... AES or similar algorithms in virtualized environments. This paper applies variants of this cache timing attack to Intel's latest generation of microprocessors. It enables a spy-process to recover cryptographic keys, interacting with the victim processes only over TCP. The threat model is a logically...... separated but CPU co-located attacker with root privileges. We report successful and practically verified applications of this attack against a wide range of microarchitectures, from a two-core Nehalem processor (i5-650) to two-core Haswell (i7-4600M) and four-core Skylake processors (i7-6700). The attack...

Lysine clonixinate versus dipyrone (metamizole) for the acute treatment of severe migraine attacks: a single-blind, randomized study.

Science.gov (United States)

Krymchantowski, Abouch Valenty; Carneiro, Henrique; Barbosa, Jackeline; Jevoux, Carla

2008-06-01

Nonsteroidal anti-inflammatory drugs (NSAID) are effective to treat migraine attacks. Lysine clonixinate (LC) and dipyrone (metamizol) have been proven effective to treat acute migraine. The aim of this study was to evaluate the efficacy and tolerability of the intravenous formulations of LC and dipyrone in the treatment of severe migraine attacks. Thirty patients (28 women, 2 men), aged 18 to 48 years with migraine according the International Headache Society (IHS) (2004) were studied. The patients were randomized into 2 groups when presenting to an emergency department with a severe migraine attack. The study was single-blind. Headache intensity, nausea, photophobia and side effects were evaluated at 0, 30, 60 and 90 minutes after the drug administration. Rectal indomethacin as rescue medication (RM) was available after 2 hours and its use compared between groups. All patients completed the study. At 30 minutes, 0% of the dipyrone group 13% of the LC group were pain free (p=0.46). At 60 and 90 minutes, 2 (13%) and 5 (33%) patients from the dipyrone group and 11 (73%) and 13 (86.7%) patients from the LC group were pain free (p<0.001). At 60 minutes, significantly more patients from the LC group were nausea-free (p<0.001). Regarding photophobia, there were no differences between groups at 60 minutes (p=0.11). The use of RM at 2 hours did not differ among groups (p=0.50). Pain in the site of the injection was reported by more patients of the LC group compared to the dipyrone group (p<0.0001). LC is significantly superior to dipyrone in treating severe migraine attacks. LC promotes significantly more burning at the site of the injection.

Virtual file system on NoSQL for processing high volumes of HL7 messages.

Science.gov (United States)

Kimura, Eizen; Ishihara, Ken

2015-01-01

The Standardized Structured Medical Information Exchange (SS-MIX) is intended to be the standard repository for HL7 messages that depend on a local file system. However, its scalability is limited. We implemented a virtual file system using NoSQL to incorporate modern computing technology into SS-MIX and allow the system to integrate local patient IDs from different healthcare systems into a universal system. We discuss its implementation using the database MongoDB and describe its performance in a case study.

The Cyber-Physical Attacker

DEFF Research Database (Denmark)

Vigo, Roberto

2012-01-01

The world of Cyber-Physical Systems ranges from industrial to national interest applications. Even though these systems are pervading our everyday life, we are still far from fully understanding their security properties. Devising a suitable attacker model is a crucial element when studying...... the security properties of CPSs, as a system cannot be secured without defining the threats it is subject to. In this work an attacker scenario is presented which addresses the peculiarities of a cyber-physical adversary, and we discuss how this scenario relates to other attacker models popular in the security...

Forensics Investigation of Web Application Security Attacks

OpenAIRE

Amor Lazzez; Thabet Slimani

2015-01-01

Nowadays, web applications are popular targets for security attackers. Using specific security mechanisms, we can prevent or detect a security attack on a web application, but we cannot find out the criminal who has carried out the security attack. Being unable to trace back an attack, encourages hackers to launch new attacks on the same system. Web application forensics aims to trace back and attribute a web application security attack to its originator. This may significantly reduce the sec...

Adaptive cyber-attack modeling system

Science.gov (United States)

Gonsalves, Paul G.; Dougherty, Edward T.

2006-05-01

The pervasiveness of software and networked information systems is evident across a broad spectrum of business and government sectors. Such reliance provides an ample opportunity not only for the nefarious exploits of lone wolf computer hackers, but for more systematic software attacks from organized entities. Much effort and focus has been placed on preventing and ameliorating network and OS attacks, a concomitant emphasis is required to address protection of mission critical software. Typical software protection technique and methodology evaluation and verification and validation (V&V) involves the use of a team of subject matter experts (SMEs) to mimic potential attackers or hackers. This manpower intensive, time-consuming, and potentially cost-prohibitive approach is not amenable to performing the necessary multiple non-subjective analyses required to support quantifying software protection levels. To facilitate the evaluation and V&V of software protection solutions, we have designed and developed a prototype adaptive cyber attack modeling system. Our approach integrates an off-line mechanism for rapid construction of Bayesian belief network (BN) attack models with an on-line model instantiation, adaptation and knowledge acquisition scheme. Off-line model construction is supported via a knowledge elicitation approach for identifying key domain requirements and a process for translating these requirements into a library of BN-based cyber-attack models. On-line attack modeling and knowledge acquisition is supported via BN evidence propagation and model parameter learning.

Predicting Factors of Zone 4 Attack in Volleyball.

Science.gov (United States)

Costa, Gustavo C; Castro, Henrique O; Evangelista, Breno F; Malheiros, Laura M; Greco, Pablo J; Ugrinowitsch, Herbert

2017-06-01

This study examined 142 volleyball games of the Men's Super League 2014/2015 seasons in Brazil from which we analyzed 24-26 games of each participating team, identifying 5,267 Zone 4 attacks for further analysis. Within these Zone 4 attacks, we analyzed the association between the effect of the attack carried out and the separate effects of serve reception, tempo and type of attack. We found that the reception, tempo of attack, second tempo of attack, and power of diagonal attack were predictors of the attack effect in Zone 4. Moreover, placed attacks showed a tendency to not yield a score. In conclusion, winning points in high-level men's volleyball requires excellent receptions, a fast attack tempo and powerfully executed of attacks.

Attack Potential Evaluation in Desktop and Smartphone Fingerprint Sensors: Can They Be Attacked by Anyone?

Directory of Open Access Journals (Sweden)

Ines Goicoechea-Telleria

2018-01-01

Full Text Available The use of biometrics keeps growing. Every day, we use biometric recognition to unlock our phones or to have access to places such as the gym or the office, so we rely on the security manufacturers offer when protecting our privileges and private life. It is well known that it is possible to hack into a fingerprint sensor using fake fingers made of Play-Doh and other easy-to-obtain materials but to what extent? Is this true for all users or only for specialists with a deep knowledge on biometrics? Are smartphone fingerprint sensors as reliable as desktop sensors? To answer these questions, we performed 3 separate evaluations. First, we evaluated 4 desktop fingerprint sensors of different technologies by attacking them with 7 different fake finger materials. All of them were successfully attacked by an experienced attacker. Secondly, we carried out a similar test on 5 smartphones with embedded sensors using the most successful materials, which also hacked the 5 sensors. Lastly, we gathered 15 simulated attackers with no background in biometrics to create fake fingers of several materials, and they had one week to attack the fingerprint sensors of the same 5 smartphones, with the starting point of a short video with the techniques to create them. All 5 smartphones were successfully attacked by an inexperienced attacker. This paper will provide the results achieved, as well as an analysis on the attack potential of every case. All results are given following the metrics of the standard ISO/IEC 30107-3.

Managing burn victims of suicide bombing attacks: outcomes, lessons learnt, and changes made from three attacks in Indonesia.

Science.gov (United States)

Chim, Harvey; Yew, Woon Si; Song, Colin

2007-01-01

Terror attacks in Southeast Asia were almost nonexistent until the 2002 Bali bomb blast, considered the deadliest attack in Indonesian history. Further attacks in 2003 (Jakarta), 2004 (Jakarta), and 2005 (Bali) have turned terrorist attacks into an ever-present reality. The authors reviewed medical charts of victims evacuated to the Singapore General Hospital (SGH) Burns Centre during three suicide attacks involving Bali (2002 and 2005) and the Jakarta Marriott hotel (2003). Problems faced, lessons learnt, and costs incurred are discussed. A burns disaster plan drawing on lessons learnt from these attacks is presented. Thirty-one patients were treated at the SGH Burns Centre in three attacks (2002 Bali attack [n = 15], 2003 Jakarta attack [n = 14], and 2005 Bali attack [n = 2]). For the 2002 Bali attack, median age was 29 years (range 20 to 50 years), median percentage of total burn surface area (TBSA) was 29% (range 5% to 55%), and median abbreviated burn severity index (ABSI) was 6 (range 3 to 10). Eight of 15 patients were admitted to the intensive care unit. For the 2003 Jakarta attack, median age was 35 years (range 24 to 56 years), median percentage of TBSA was 10% (range 2% to 46%), and median ABSI was 4 (range 3 to 9). A large number of patients had other injuries. Problems faced included manpower issues, lack of bed space, shortage of blood products, and lack of cadaver skin. The changing nature of terror attacks mandates continued vigilance and disaster preparedness. The multidimensional burns patient, complicated by other injuries, is likely to become increasingly common. A burns disaster plan with emphasis on effective command, control, and communication as well as organisation of health care personnel following a 'team concept' will do much to ensure that the sudden onset of a crisis situation at an unexpected time does not overwhelm hospital manpower and resources.

Overview of DOS attacks on wireless sensor networks and experimental results for simulation of interference attacks

Directory of Open Access Journals (Sweden)

Željko Gavrić

2018-01-01

Full Text Available Wireless sensor networks are now used in various fields. The information transmitted in the wireless sensor networks is very sensitive, so the security issue is very important. DOS (denial of service attacks are a fundamental threat to the functioning of wireless sensor networks. This paper describes some of the most common DOS attacks and potential methods of protection against them. The case study shows one of the most frequent attacks on wireless sensor networks – the interference attack. In the introduction of this paper authors assume that the attack interference can cause significant obstruction of wireless sensor networks. This assumption has been proved in the case study through simulation scenario and simulation results.

Securing internet by eliminating DDOS attacks

Science.gov (United States)

Niranchana, R.; Gayathri Devi, N.; Santhi, H.; Gayathri, P.

2017-11-01

The major threat caused to the authorised usage of Internet is Distributed Denial of Service attack. The mechanisms used to prevent the DDoS attacks are said to overcome the attack’s ability in spoofing the IP packets source addresses. By utilising Internet Protocol spoofing, the attackers cause a consequential load over the networks destination for policing attack packets. To overcome the IP Spoofing level on the Internet, We propose an Inter domain Packet Filter (IPF) architecture. The proposed scheme is not based on global routing information. The packets with reliable source addresses are not rejected, the IPF frame work works in such a manner. The spoofing capability of attackers is confined by IPF, and also the filter identifies the source of an attack packet by minimal number of candidate network.

Plants under dual attack

NARCIS (Netherlands)

Ponzio, C.A.M.

2016-01-01

Though immobile, plants are members of complex environments, and are under constant threat from a wide range of attackers, which includes organisms such as insect herbivores or plant pathogens. Plants have developed sophisticated defenses against these attackers, and include chemical responses

New attacks on Wi-Fi Protected Setup

OpenAIRE

Hamed Mohtadi; Alireza Rahimi

2015-01-01

Wi-Fi Protected Setup (WPS) is a network security standard that is used to secure networks in home and office, introduced in 2006 by the Wi-Fi Alliance. It provides easier configuration setup and is used in almost all recent Wi-Fi devices. In this paper we propose two attacks on this standard. The first attack is an offline brute force attack that uses imbalance on registration protocol. This attack needs user action, but it is more efficient than previous attacks. The second attack uses weak...

A Game Theoretic Approach to Cyber Attack Prediction

Energy Technology Data Exchange (ETDEWEB)

Peng Liu

2005-11-28

The area investigated by this project is cyber attack prediction. With a focus on correlation-based prediction, current attack prediction methodologies overlook the strategic nature of cyber attack-defense scenarios. As a result, current cyber attack prediction methodologies are very limited in predicting strategic behaviors of attackers in enforcing nontrivial cyber attacks such as DDoS attacks, and may result in low accuracy in correlation-based predictions. This project develops a game theoretic framework for cyber attack prediction, where an automatic game-theory-based attack prediction method is proposed. Being able to quantitatively predict the likelihood of (sequences of) attack actions, our attack prediction methodology can predict fine-grained strategic behaviors of attackers and may greatly improve the accuracy of correlation-based prediction. To our best knowledge, this project develops the first comprehensive framework for incentive-based modeling and inference of attack intent, objectives, and strategies; and this project develops the first method that can predict fine-grained strategic behaviors of attackers. The significance of this research and the benefit to the public can be demonstrated to certain extent by (a) the severe threat of cyber attacks to the critical infrastructures of the nation, including many infrastructures overseen by the Department of Energy, (b) the importance of cyber security to critical infrastructure protection, and (c) the importance of cyber attack prediction to achieving cyber security.

Shilling Attack Prevention for Recommender Systems Using Social-based Clustering

KAUST Repository

Lee, Tak

2011-06-06

A Recommender System (RS) is a system that utilizes user and item information to predict the feeling of users towards unfamiliar items. Recommender Systems have become popular tools for online stores due to their usefulness in confidently recommending items to users. A popular algorithm for recommender system is Collaborative Filtering (CF). CF uses other users\\' profiles to predict whether a user is interested in a particular object. This system, however, is vulnerable to malicious users seeking to promote items by manipulating rating predictions with fake user profiles. Profiles with behaviors similar to "victim" users alter the prediction of a Recommender System. Manipulating rating predictions through injected profiles is referred to as a shilling attack. It is important to develop shilling attack prevention frameworks for to protect the trustworthiness of Recommender Systems. In this thesis, we will demonstrate a new methodology that utilizes social information to prevent malicious users from manipulating the prediction system. The key element in our new methodology rests upon the concept of trust among real users, an element we claim absent among malicious profiles. In order to use trust information for shilling attack prevention, we first develop a weighting system which makes the system rely more on trustworthy users when making predictions. We then use this trust information to cluster out untrustworthy users to improve rating robustness. The robustness of the new and classic systems is then evaluated with data from a public commercial consumer RS, Epinions.com. Several complexity reduction procedures are also introduced to make implementing the algorithms mentioned possible for a huge commercial database.

Invisible Trojan-horse attack

DEFF Research Database (Denmark)

Sajeed, Shihan; Minshull, Carter; Jain, Nitin

2017-01-01

We demonstrate the experimental feasibility of a Trojan-horse attack that remains nearly invisible to the single-photon detectors employed in practical quantum key distribution (QKD) systems, such as Clavis2 from ID Quantique. We perform a detailed numerical comparison of the attack performance...

Radiological attacks and accidents. Medical consequences

International Nuclear Information System (INIS)

Sakuta, Hidenari

2007-01-01

Probability of the occurrence of radiological attacks appears to be elevated after the terrorist attacks against the United States on September 11 in 2001. There are a lot of scenarios of radiological attack: simple radiological device, radiological disperse device (RDD or dirty bomb), attacks against nuclear reactor, improvised nuclear device, and nuclear weapons. Of these, RDD attack is the most probable scenario, because it can be easily made and can generate enormous psychological and economic damages. Radiological incidents are occurring to and fro in the world, including several cases of theft to nuclear facilities and unsuccessful terrorist attacks against them. Recently, a former Russian spy has allegedly been killed using polonium-210. In addition, serious radiological accidents have occurred in Chernobyl, Goiania, and Tokai-mura. Planning, preparation, education, and training exercise appear to be essential factors to cope with radiological attacks and accidents effectively without feeling much anxiety. Triage and psychological first aid are prerequisite to manage and provide effective medial care for mass casualties without inducing panic. (author)

Script-viruses Attacks on UNIX OS

Directory of Open Access Journals (Sweden)

D. M. Mikhaylov

2010-06-01

Full Text Available In this article attacks on UNIX OS are considered. Currently antivirus developers are concentrated on protecting systems from viruses that are most common and attack popular operating systems. If the system or its components are not often attacked then the antivirus products are not protecting these components as it is not profitable. The same situation is with script-viruses for UNIX OS as most experts consider that it is impossible for such viruses to get enough rights to attack. Nevertheless the main conclusion of this article is the fact that such viruses can be very powerful and can attack systems and get enough rights.

Basic database performance tuning - developer's perspective

CERN Document Server

Kwiatek, Michal

2008-01-01

This lecture discusses selected database performance issues from the developer's point of view: connection overhead, bind variables and SQL injection, making most of the optimizer with up-to-date statistics, reading execution plans. Prior knowledge of SQL is expected.

Hybrid attacks on model-based social recommender systems

Science.gov (United States)

Yu, Junliang; Gao, Min; Rong, Wenge; Li, Wentao; Xiong, Qingyu; Wen, Junhao

2017-10-01

With the growing popularity of the online social platform, the social network based approaches to recommendation emerged. However, because of the open nature of rating systems and social networks, the social recommender systems are susceptible to malicious attacks. In this paper, we present a certain novel attack, which inherits characteristics of the rating attack and the relation attack, and term it hybrid attack. Furtherly, we explore the impact of the hybrid attack on model-based social recommender systems in multiple aspects. The experimental results show that, the hybrid attack is more destructive than the rating attack in most cases. In addition, users and items with fewer ratings will be influenced more when attacked. Last but not the least, the findings suggest that spammers do not depend on the feedback links from normal users to become more powerful, the unilateral links can make the hybrid attack effective enough. Since unilateral links are much cheaper, the hybrid attack will be a great threat to model-based social recommender systems.

An Analysis of Attacks on Blockchain Consensus

OpenAIRE

Bissias, George; Levine, Brian Neil; Ozisik, A. Pinar; Andresen, Gavin

2016-01-01

We present and validate a novel mathematical model of the blockchain mining process and use it to conduct an economic evaluation of the double-spend attack, which is fundamental to all blockchain systems. Our analysis focuses on the value of transactions that can be secured under a conventional double-spend attack, both with and without a concurrent eclipse attack. Our model quantifies the importance of several factors that determine the attack's success, including confirmation depth, attacke...

Automated classification of computer network attacks

CSIR Research Space (South Africa)

Van Heerden, R

2013-11-01

Full Text Available according to the relevant types of attack scenarios depicted in the ontology. The two network attack instances are the Distributed Denial of Service attack on SpamHaus in 2013 and the theft of 42 million Rand ($6.7 million) from South African Postbank...

Cyber Attacks and Combat Behavior

Directory of Open Access Journals (Sweden)

Carataș Maria Alina

2017-01-01

Full Text Available Cyber terrorism is an intangible danger, a real over the corner threat in the life of individuals,organizations, and governments and is getting harder to deal with its damages. The motivations forthe cyber-attacks are different, depending on the terrorist group, from cybercrime to hacktivism,attacks over the authorities’ servers. Organizations constantly need to find new ways ofstrengthening protection against cyber-attacks, assess their cyber readiness, expand the resiliencecapacity and adopts international security regulations.

Attacks on public telephone networks: technologies and challenges

Science.gov (United States)

Kosloff, T.; Moore, Tyler; Keller, J.; Manes, Gavin W.; Shenoi, Sujeet

2003-09-01

Signaling System 7 (SS7) is vital to signaling and control in America's public telephone networks. This paper describes a class of attacks on SS7 networks involving the insertion of malicious signaling messages via compromised SS7 network components. Three attacks are discussed in detail: IAM flood attacks, redirection attacks and point code spoofing attacks. Depending on their scale of execution, these attacks can produce effects ranging from network congestion to service disruption. Methods for detecting these denial-of-service attacks and mitigating their effects are also presented.

Defense and attack of complex and dependent systems

International Nuclear Information System (INIS)

Hausken, Kjell

2010-01-01

A framework is constructed for how to analyze the strategic defense of an infrastructure subject to attack by a strategic attacker. Merging operations research, reliability theory, and game theory for optimal analytical impact, the optimization program for the defender and attacker is specified. Targets can be in parallel, series, combined series-parallel, complex, k-out-of-n redundancy, independent, interdependent, and dependent. The defender and attacker determine how much to invest in defending versus attacking each of multiple targets. A target can have economic, human, and symbolic values, subjectively assessed by the defender and attacker. A contest success function determines the probability of a successful attack on each target, dependent on the investments by the defender and attacker into each target, and on characteristics of the contest. The defender minimizes the expected damage plus the defense costs. The attacker maximizes the expected damage minus the attack costs. Each agent is concerned about how his investments vary across the targets, and the impact on his utilities. Interdependent systems are analyzed where the defense and attack on one target impacts all targets. Dependent systems are analyzed applying Markov analysis and repeated games where a successful attack on one target in the first period impacts the unit costs of defense and attack, and the contest intensity, for the other target in the second period.

Defense and attack of complex and dependent systems

Energy Technology Data Exchange (ETDEWEB)

Hausken, Kjell, E-mail: kjell.hausken@uis.n [Faculty of Social Sciences, University of Stavanger, N-4036 Stavanger (Norway)

2010-01-15

A framework is constructed for how to analyze the strategic defense of an infrastructure subject to attack by a strategic attacker. Merging operations research, reliability theory, and game theory for optimal analytical impact, the optimization program for the defender and attacker is specified. Targets can be in parallel, series, combined series-parallel, complex, k-out-of-n redundancy, independent, interdependent, and dependent. The defender and attacker determine how much to invest in defending versus attacking each of multiple targets. A target can have economic, human, and symbolic values, subjectively assessed by the defender and attacker. A contest success function determines the probability of a successful attack on each target, dependent on the investments by the defender and attacker into each target, and on characteristics of the contest. The defender minimizes the expected damage plus the defense costs. The attacker maximizes the expected damage minus the attack costs. Each agent is concerned about how his investments vary across the targets, and the impact on his utilities. Interdependent systems are analyzed where the defense and attack on one target impacts all targets. Dependent systems are analyzed applying Markov analysis and repeated games where a successful attack on one target in the first period impacts the unit costs of defense and attack, and the contest intensity, for the other target in the second period.

Automated Generation of Attack Trees

DEFF Research Database (Denmark)

Vigo, Roberto; Nielson, Flemming; Nielson, Hanne Riis

2014-01-01

Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impractica......Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error......-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees...... are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase...

Pareto Efficient Solutions of Attack-Defence Trees

DEFF Research Database (Denmark)

Aslanyan, Zaruhi; Nielson, Flemming

2015-01-01

Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as proba......Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes......, such as probability or cost of attacks and defences. In case of multiple parameters most analytical methods optimise one parameter at a time, e.g., minimise cost or maximise probability of an attack. Such methods may lead to sub-optimal solutions when optimising conflicting parameters, e.g., minimising cost while...... maximising probability. In order to tackle this challenge, we devise automated techniques that optimise all parameters at once. Moreover, in the case of conflicting parameters our techniques compute the set of all optimal solutions, defined in terms of Pareto efficiency. The developments are carried out...

Análisis e implementación para la creación de un clúster SQL server como solución centralizada de bases de datos satélites

OpenAIRE

Estrella Izurieta, Johan Alexei

2016-01-01

The present project analyzes a viable and sustainable solution for companies that need to improve the availability, scalability, and security of their information by centralizing in a cluster a SQL Server database in SQL Server satellites. This will allow to decrease administrative time, increase high ability to information, and improve performance. Consequently, it will release hardware resources that could be reused on current requirements or in future projects, trying in thi...

A SQL-Database Based Meta-CASE System and its Query Subsystem

Science.gov (United States)

Eessaar, Erki; Sgirka, Rünno

Meta-CASE systems simplify the creation of CASE (Computer Aided System Engineering) systems. In this paper, we present a meta-CASE system that provides a web-based user interface and uses an object-relational database system (ORDBMS) as its basis. The use of ORDBMSs allows us to integrate different parts of the system and simplify the creation of meta-CASE and CASE systems. ORDBMSs provide powerful query mechanism. The proposed system allows developers to use queries to evaluate and gradually improve artifacts and calculate values of software measures. We illustrate the use of the systems by using SimpleM modeling language and discuss the use of SQL in the context of queries about artifacts. We have created a prototype of the meta-CASE system by using PostgreSQL™ ORDBMS and PHP scripting language.

Methods to Secure Databases Against Vulnerabilities

Science.gov (United States)

2015-12-01

for several languages such as C, C++, PHP, Java and Python [16]. MySQL will work well with very large databases. The documentation references...using Eclipse and connected to each database management system using Python and Java drivers provided by MySQL , MongoDB, and Datastax (for Cassandra...tiers in Python and Java . Problem MySQL MongoDB Cassandra 1. Injection a. Tautologies Vulnerable Vulnerable Not Vulnerable b. Illegal query

Cross-site scripting attacks procedure and Prevention Strategies

Directory of Open Access Journals (Sweden)

Wang Xijun

2016-01-01

Full Text Available Cross-site scripting attacks and defense has been the site of attack and defense is an important issue, this paper, the definition of cross-site scripting attacks, according to the current understanding of the chaos on the cross-site scripting, analyzes the causes and harm cross-site scripting attacks formation of attacks XXS complete process XSS attacks made a comprehensive analysis, and then for the web program includes Mobility there are cross-site scripting filter laxity given from ordinary users browse the web and web application developers two the defense cross-site scripting attacks effective strategy.

Heart Attack Symptoms in Women

Science.gov (United States)

... fat, cholesterol and other substances (plaque). Watch an animation of a heart attack . Many women think the ... Support Network Popular Articles 1 Understanding Blood Pressure Readings 2 Sodium and Salt 3 Heart Attack Symptoms ...

On the anatomy of social engineering attacks : A literature-based dissection of successful attacks

NARCIS (Netherlands)

Bullee, Jan-Willem; Montoya, L.; Pieters, Wolter; Junger, Marianne; Hartel, Pieter H.

The aim of this studywas to explore the extent towhich persuasion principles are used in successful social engineering attacks. Seventy-four scenarioswere extracted from 4 books on social engineering (written by social engineers) and analysed. Each scenariowas split into attack steps, containing

DDOS ATTACK DETECTION SIMULATION AND HANDLING MECHANISM

Directory of Open Access Journals (Sweden)

Ahmad Sanmorino

2013-11-01

Full Text Available In this study we discuss how to handle DDoS attack that coming from the attacker by using detection method and handling mechanism. Detection perform by comparing number of packets and number of flow. Whereas handling mechanism perform by limiting or drop the packets that detected as a DDoS attack. The study begins with simulation on real network, which aims to get the real traffic data. Then, dump traffic data obtained from the simulation used for detection method on our prototype system called DASHM (DDoS Attack Simulation and Handling Mechanism. From the result of experiment that has been conducted, the proposed method successfully detect DDoS attack and handle the incoming packet sent by attacker.

Model checking exact cost for attack scenarios

DEFF Research Database (Denmark)

Aslanyan, Zaruhi; Nielson, Flemming

2017-01-01

Attack trees constitute a powerful tool for modelling security threats. Many security analyses of attack trees can be seamlessly expressed as model checking of Markov Decision Processes obtained from the attack trees, thus reaping the benefits of a coherent framework and a mature tool support....... However, current model checking does not encompass the exact cost analysis of an attack, which is standard for attack trees. Our first contribution is the logic erPCTL with cost-related operators. The extended logic allows to analyse the probability of an event satisfying given cost bounds and to compute...... the exact cost of an event. Our second contribution is the model checking algorithm for erPCTL. Finally, we apply our framework to the analysis of attack trees....

NETWORK SECURITY ATTACKS. ARP POISONING CASE STUDY

Directory of Open Access Journals (Sweden)

Luminiţa DEFTA

2010-12-01

Full Text Available Arp poisoning is one of the most common attacks in a switched network. A switch is a network device that limits the ability of attackers that use a packet sniffer to gain access to information from internal network traffic. However, using ARP poisoning the traffic between two computers can be intercepted even in a network that uses switches. This method is known as man in the middle attack. With this type of attack the affected stations from a network will have invalid entries in the ARP table. Thus, it will contain only the correspondence between the IP addresses of the stations from the same network and a single MAC address (the station that initiated the attack. In this paper we present step by step the initiation of such an attack in a network with three computers. We will intercept the traffic between two stations using the third one (the attacker.

NoSQL Based 3D City Model Management System

Science.gov (United States)

Mao, B.; Harrie, L.; Cao, J.; Wu, Z.; Shen, J.

2014-04-01

To manage increasingly complicated 3D city models, a framework based on NoSQL database is proposed in this paper. The framework supports import and export of 3D city model according to international standards such as CityGML, KML/COLLADA and X3D. We also suggest and implement 3D model analysis and visualization in the framework. For city model analysis, 3D geometry data and semantic information (such as name, height, area, price and so on) are stored and processed separately. We use a Map-Reduce method to deal with the 3D geometry data since it is more complex, while the semantic analysis is mainly based on database query operation. For visualization, a multiple 3D city representation structure CityTree is implemented within the framework to support dynamic LODs based on user viewpoint. Also, the proposed framework is easily extensible and supports geoindexes to speed up the querying. Our experimental results show that the proposed 3D city management system can efficiently fulfil the analysis and visualization requirements.

Understanding How Components of Organisations Contribute to Attacks

DEFF Research Database (Denmark)

Gu, Min; Aslanyan, Zaruhi; Probst, Christian W.

2016-01-01

Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors is diffi......Attacks on organisations today explore many different layers, including buildings infrastructure, IT infrastructure, and human factor – the physical, virtual, and social layer. Identifying possible attacks, understanding their impact, and attributing their origin and contributing factors...... is difficult. Recently, system models have been used for automatically identifying possible attacks on the modelled organisation. The generated attacks consider all three layers, making the contribution of building infrastructure, computer infrastructure, and humans (insiders and outsiders) explicit. However......, this contribution is only visible in the attack trees as part of the performed steps; it cannot be mapped back to the model directly since the actions usually involve several elements (attacker and targeted actor or asset). Especially for large attack trees, understanding the relations between several model...

Attack Graph Construction for Security Events Analysis

Directory of Open Access Journals (Sweden)

Andrey Alexeevich Chechulin

2014-09-01

Full Text Available The paper is devoted to investigation of the attack graphs construction and analysis task for a network security evaluation and real-time security event processing. Main object of this research is the attack modeling process. The paper contains the description of attack graphs building, modifying and analysis technique as well as overview of implemented prototype for network security analysis based on attack graph approach.

Automated Discovery of Mimicry Attacks

National Research Council Canada - National Science Library

Giffin, Jonathon T; Jha, Somesh; Miller, Barton P

2006-01-01

.... These systems are useful only if they detect actual attacks. Previous research developed manually-constructed mimicry and evasion attacks that avoided detection by hiding a malicious series of system calls within a valid sequence allowed by the model...

Stability Analysis of High-Speed Boundary-Layer Flow with Gas Injection

Science.gov (United States)

2014-06-01

laminar-turbulent transition on slender bodies in a hypersonic flow at small angles of attack is caused by amplification of acoustic waves trapped in...x decreases and slowly approaches the no-blow distribution. These CFD data demonstrate that the injection strongly affects the near-wall flow...conclusion. Figure 10 shows that the spatial growth rates ( )  are maximal for mode 0 corresponding to the Mack second mode – typical for hypersonic

JREM: An Approach for Formalising Models in the Requirements Phase with JSON and NoSQL Databases

OpenAIRE

Aitana Alonso-Nogueira; Helia Estévez-Fernández; Isaías García

2017-01-01

This paper presents an approach to reduce some of its current flaws in the requirements phase inside the software development process. It takes the software requirements of an application, makes a conceptual modeling about it and formalizes it within JSON documents. This formal model is lodged in a NoSQL database which is document-oriented, that is, MongoDB, because of its advantages in flexibility and efficiency. In addition, this paper underlines the contributions of the detailed approach a...

Transforming Graphical System Models to Graphical Attack Models

DEFF Research Database (Denmark)

Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, Rene Rydhof

2016-01-01

Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations...... approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset....

When Sinuses Attack! (For Kids)

Science.gov (United States)

... First Aid & Safety Doctors & Hospitals Videos Recipes for Kids Kids site Sitio para niños How the Body Works ... Search English Español When Sinuses Attack! KidsHealth / For Kids / When Sinuses Attack! What's in this article? What ...

Heart Attack

Science.gov (United States)

... properly causes your body's blood sugar levels to rise, increasing your risk of heart attack. Metabolic syndrome. This occurs when you have obesity, high blood pressure and high blood sugar. Having metabolic ...

Astronomical Data Processing Using SciQL, an SQL Based Query Language for Array Data

Science.gov (United States)

Zhang, Y.; Scheers, B.; Kersten, M.; Ivanova, M.; Nes, N.

2012-09-01

SciQL (pronounced as ‘cycle’) is a novel SQL-based array query language for scientific applications with both tables and arrays as first class citizens. SciQL lowers the entrance fee of adopting relational DBMS (RDBMS) in scientific domains, because it includes functionality often only found in mathematics software packages. In this paper, we demonstrate the usefulness of SciQL for astronomical data processing using examples from the Transient Key Project of the LOFAR radio telescope. In particular, how the LOFAR light-curve database of all detected sources can be constructed, by correlating sources across the spatial, frequency, time and polarisation domains.

Software-based Microarchitectural Attacks

OpenAIRE

Gruss, Daniel

2017-01-01

Modern processors are highly optimized systems where every single cycle of computation time matters. Many optimizations depend on the data that is being processed. Software-based microarchitectural attacks exploit effects of these optimizations. Microarchitectural side-channel attacks leak secrets from cryptographic computations, from general purpose computations, or from the kernel. This leakage even persists across all common isolation boundaries, such as processes, containers, and virtual ...

Integrating cyber attacks within fault trees

International Nuclear Information System (INIS)

Nai Fovino, Igor; Masera, Marcelo; De Cian, Alessio

2009-01-01

In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

Integrating cyber attacks within fault trees

Energy Technology Data Exchange (ETDEWEB)

Nai Fovino, Igor [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy)], E-mail: igor.nai@jrc.it; Masera, Marcelo [Joint Research Centre - EC, Institute for the Protection and Security of the Citizen, Ispra, VA (Italy); De Cian, Alessio [Department of Electrical Engineering, University di Genova, Genoa (Italy)

2009-09-15

In this paper, a new method for quantitative security risk assessment of complex systems is presented, combining fault-tree analysis, traditionally used in reliability analysis, with the recently introduced Attack-tree analysis, proposed for the study of malicious attack patterns. The combined use of fault trees and attack trees helps the analyst to effectively face the security challenges posed by the introduction of modern ICT technologies in the control systems of critical infrastructures. The proposed approach allows considering the interaction of malicious deliberate acts with random failures. Formal definitions of fault tree and attack tree are provided and a mathematical model for the calculation of system fault probabilities is presented.

Attack and Vulnerability Penetration Testing: FreeBSD

Directory of Open Access Journals (Sweden)

Abdul Hanan Abdullah

2013-07-01

Full Text Available Computer system security has become a major concern over the past few years. Attacks, threasts or intrusions, against computer system and network have become commonplace events. However, there are some system devices and other tools that are available to overcome the threat of these attacks. Currently, cyber attack is a major research and inevitable. This paper presents some steps of penetration in FreeBSD operating system, some tools and new steps to attack used in this experiment, probes for reconnaissance, guessing password via brute force, gaining privilege access and flooding victim machine to decrease availability. All these attacks were executed and infiltrate within the environment of Intrusion Threat Detection Universiti Teknologi Malaysia (ITD UTM data set. This work is expected to be a reference for practitioners to prepare their systems from Internet attacks.

Superposition Attacks on Cryptographic Protocols

DEFF Research Database (Denmark)

Damgård, Ivan Bjerre; Funder, Jakob Løvstad; Nielsen, Jesper Buus

2011-01-01

of information. In this paper, we introduce a fundamentally new model of quantum attacks on classical cryptographic protocols, where the adversary is allowed to ask several classical queries in quantum superposition. This is a strictly stronger attack than the standard one, and we consider the security......Attacks on classical cryptographic protocols are usually modeled by allowing an adversary to ask queries from an oracle. Security is then defined by requiring that as long as the queries satisfy some constraint, there is some problem the adversary cannot solve, such as compute a certain piece...... of several primitives in this model. We show that a secret-sharing scheme that is secure with threshold $t$ in the standard model is secure against superposition attacks if and only if the threshold is lowered to $t/2$. We use this result to give zero-knowledge proofs for all of NP in the common reference...

Recurrent spontaneous attacks of dizziness.

Science.gov (United States)

Lempert, Thomas

2012-10-01

This article describes the common causes of recurrent vertigo and dizziness that can be diagnosed largely on the basis of history. Ninety percent of spontaneous recurrent vertigo and dizziness can be explained by six disorders: (1) Ménière disease is characterized by vertigo attacks, lasting 20 minutes to several hours, with concomitant hearing loss, tinnitus, and aural fullness. Aural symptoms become permanent during the course of the disease. (2) Attacks of vestibular migraine may last anywhere from minutes to days. Most patients have a previous history of migraine headaches, and many experience migraine symptoms during the attack. (3) Vertebrobasilar TIAs affect older adults with vascular risk factors. Most attacks last less than 1 hour and are accompanied by other symptoms from the posterior circulation territory. (4) Vestibular paroxysmia is caused by vascular compression of the eighth cranial nerve. It manifests itself with brief attacks of vertigo that recur many times per day, sometimes with concomitant cochlear symptoms. (5) Orthostatic hypotension causes brief episodes of dizziness lasting seconds to a few minutes after standing up and is relieved by sitting or lying down. In older adults, it may be accompanied by supine hypertension. (6) Panic attacks usually last minutes, occur in specific situations, and are accompanied by choking, palpitations, tremor, heat, and anxiety. Less common causes of spontaneous recurrent vertigo and dizziness include perilymph fistula, superior canal dehiscence, autoimmune inner ear disease, otosclerosis, cardiac arrhythmia, and medication side effects. Neurologists need to venture into otolaryngology, internal medicine, and psychiatry to master the differential diagnosis of recurrent dizziness.

Exploring No-SQL alternatives for ALMA monitoring system

Science.gov (United States)

Shen, Tzu-Chiang; Soto, Ruben; Merino, Patricio; Peña, Leonel; Bartsch, Marcelo; Aguirre, Alvaro; Ibsen, Jorge

2014-07-01

The Atacama Large Millimeter /submillimeter Array (ALMA) will be a unique research instrument composed of at least 66 reconfigurable high-precision antennas, located at the Chajnantor plain in the Chilean Andes at an elevation of 5000 m. This paper describes the experience gained after several years working with the monitoring system, which has a strong requirement of collecting and storing up to 150K variables with a highest sampling rate of 20.8 kHz. The original design was built on top of a cluster of relational database server and network attached storage with fiber channel interface. As the number of monitoring points increases with the number of antennas included in the array, the current monitoring system demonstrated to be able to handle the increased data rate in the collection and storage area (only one month of data), but the data query interface showed serious performance degradation. A solution based on no-SQL platform was explored as an alternative to the current long-term storage system. Among several alternatives, mongoDB has been selected. In the data flow, intermediate cache servers based on Redis were introduced to allow faster streaming of the most recently acquired data to web based charts and applications for online data analysis.

Shark Attack Project - Marine Attack at Towed Hydrophone Arrays

National Research Council Canada - National Science Library

Kalmijn, Adrianus J

2005-01-01

The original objective of the SIO Marine Attack project was to identify the electric and magnetic fields causing sharks to inflict serious damage upon the towed hydrophone arrays of US Navy submarines...

Novel Method For Low-Rate Ddos Attack Detection

Science.gov (United States)

Chistokhodova, A. A.; Sidorov, I. D.

2018-05-01

The relevance of the work is associated with an increasing number of advanced types of DDoS attacks, in particular, low-rate HTTP-flood. Last year, the power and complexity of such attacks increased significantly. The article is devoted to the analysis of DDoS attacks detecting methods and their modifications with the purpose of increasing the accuracy of DDoS attack detection. The article details low-rate attacks features in comparison with conventional DDoS attacks. During the analysis, significant shortcomings of the available method for detecting low-rate DDoS attacks were found. Thus, the result of the study is an informal description of a new method for detecting low-rate denial-of-service attacks. The architecture of the stand for approbation of the method is developed. At the current stage of the study, it is possible to improve the efficiency of an already existing method by using a classifier with memory, as well as additional information.

Heart Attack

Science.gov (United States)

... family history of heart attack race – African Americans, Mexican Americans, Native Americans, and native Hawaiians are at ... Your doctor will prescribe the medicines that are right for you. If you have had a heart ...

Automatic Classification of Attacks on IP Telephony

Directory of Open Access Journals (Sweden)

Jakub Safarik

2013-01-01

Full Text Available This article proposes an algorithm for automatic analysis of attack data in IP telephony network with a neural network. Data for the analysis is gathered from variable monitoring application running in the network. These monitoring systems are a typical part of nowadays network. Information from them is usually used after attack. It is possible to use an automatic classification of IP telephony attacks for nearly real-time classification and counter attack or mitigation of potential attacks. The classification use proposed neural network, and the article covers design of a neural network and its practical implementation. It contains also methods for neural network learning and data gathering functions from honeypot application.

Rancang Bangun Aplikasi Pembayaran Sekolah Menggunakan Java Dan MySQL Berbasis Client Server Di SMA Yos Sudarso Cilacap

OpenAIRE

Usada, Elisa; Isnawati, Anggun Fitrian; Fatimah, Dewi

2010-01-01

SMA Yos Sudarso merupakan salah satu sekolah yang sudah memanfaatkan komputer  untuk menyelesaikan berbagai macam tugas, tetapi pemanfaatannya masih belum maksimal karena ada bagian administrasi yang masih menggunakan metode manual, yaitu pada administrasi pembayaran. Penelitian ini  berusaha membuat sebuah aplikasi client server berteknologi JAVA dan MySQL untuk mengelola data pembayaran sekolah meliputi pembayaran SPP, pembayaran uang gedung serta pembayaran ujian. Metode waterfal...

Perancangan SCADA Software dengan Wonderware InTouch Recipe Manager dan SQL Access Manager pada Simulator Proses Pencampuran Bahan

OpenAIRE

Wicaksono, Handy; Lim, Resmana; Sutanto, William

2008-01-01

In Bahasa Indonesia: Banyak industri yang sudah menggunakan sistem automasi dengan menggunakan PLC (Programmable Logic Controller) dan SCADA (Supervisory Control And Data Acquisition). Salah satu software untuk membuat program SCADA adalah Wonderware InTouch. Untuk mengelola data dalam bentuk recipe dan database, Wonderware InTouch mempunyai program-program tambahan yaitu Recipe Manager dan SQL Access Manager. Pada penelitian ini, akan digunakan proses pembuatan kertas sebagai contoh kas...

Effectiveness of icatibant for treatment of hereditary angioedema attacks is not affected by body weight: findings from the Icatibant Outcome Survey, a cohort observational study.

Science.gov (United States)

Caballero, Teresa; Zanichelli, Andrea; Aberer, Werner; Maurer, Marcus; Longhurst, Hilary J; Bouillet, Laurence; Andresen, Irmgard

2018-01-01

Icatibant is a bradykinin B2-receptor antagonist used for the treatment of hereditary angioedema attacks resulting from C1-inhibitor deficiency. Treatment is not adjusted by body weight however the impact of body mass index (BMI) on the effectiveness of icatibant is not documented in the literature. We examined disease characteristics and icatibant treatment effectiveness in patients stratified by BMI in the Icatibant Outcome Survey, an ongoing, international, observational study monitoring the real-world safety and effectiveness of icatibant. Attack and treatment characteristics as well as outcomes following treatment with icatibant were compared among patients with underweight, normal, overweight, and obese BMI. Data from 2697 icatibant-treated attacks in 342 patients (3.5, 44.7, 34.8, and 17.0% patients of underweight, normal, overweight, and obese BMI, respectively) were analyzed. There was no significant difference in the frequency and severity of attacks across BMI groups, although obese patients tended to have more attacks of high severity. There was no impact of BMI on the frequency of laryngeal attacks, but patients with normal BMI had fewer cutaneous attacks and more abdominal attacks. Most attacks (71.9-83.8%) were treated with a single icatibant injection without the need for rescue with plasma-derived C1-inhibitor (pdC1-INH), regardless of BMI. Patients with obese BMI used pdC1-INH as rescue treatment more often (P < 0.0001; P = 0.0232 excluding 2 outliers) and treated attacks earlier than patients with normal BMI (P = 0.007). Furthermore, time to resolution and duration of attack were shorter for patients with high BMI (P < 0.001 for overweight and P < 0.05 for obese versus normal). Overall, icatibant was comparatively effective in treating attacks in patients across all BMI groups. Trial registration NCT01034969.

Further attacks on Yeung-Mintzer fragile watermarking scheme

Science.gov (United States)

Fridrich, Jessica; Goljan, Miroslav; Memon, Nasir D.

2000-05-01

In this paper, we describe new and improved attacks on the authentication scheme previously proposed by Yeung and Mintzer. Previous attacks assumed that the binary watermark logo inserted in an image for the purposes of authentication was known. Here we remove that assumption and show how the scheme is still vulnerable, even if the binary logo is not known but the attacker has access to multiple images that have been watermarked with the same secret key and contain the same (but unknown) logo. We present two attacks. The first attack infers the secret watermark insertion function and the binary logo, given multiple images authenticated with the same key and containing the same logo. We show that a very good approximation to the logo and watermark insertion function can be constructed using as few as two images. With color images, one needs many more images, nevertheless the attack is still feasible. The second attack we present, which we call the 'collage-attack' is a variation of the Holliman-Memon counterfeiting attack. The proposed variation does not require knowledge of the watermark logo and produces counterfeits of superior quality by means of a suitable dithering process that we develop.

Pareto Efficient Solution of Attack-Defence Trees

NARCIS (Netherlands)

Aslanyan, Zaruhi; Nielson, Flemming

Attack-defence trees are a promising approach for representing threat scenarios and possible countermeasures in a concise and intuitive manner. An attack-defence tree describes the interaction between an attacker and a defender, and is evaluated by assigning parameters to the nodes, such as

Genetic attack on neural cryptography.

Science.gov (United States)

Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

2006-03-01

Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size.

Genetic attack on neural cryptography

International Nuclear Information System (INIS)

Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

2006-01-01

Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size

Genetic attack on neural cryptography

Science.gov (United States)

Ruttor, Andreas; Kinzel, Wolfgang; Naeh, Rivka; Kanter, Ido

2006-03-01

Different scaling properties for the complexity of bidirectional synchronization and unidirectional learning are essential for the security of neural cryptography. Incrementing the synaptic depth of the networks increases the synchronization time only polynomially, but the success of the geometric attack is reduced exponentially and it clearly fails in the limit of infinite synaptic depth. This method is improved by adding a genetic algorithm, which selects the fittest neural networks. The probability of a successful genetic attack is calculated for different model parameters using numerical simulations. The results show that scaling laws observed in the case of other attacks hold for the improved algorithm, too. The number of networks needed for an effective attack grows exponentially with increasing synaptic depth. In addition, finite-size effects caused by Hebbian and anti-Hebbian learning are analyzed. These learning rules converge to the random walk rule if the synaptic depth is small compared to the square root of the system size.

Attacks on the AJPS Mersenne-based cryptosystem

NARCIS (Netherlands)

K. de Boer (Koen); L. Ducas (Léo); S. Jeffery (Stacey); R. M. de Wolf (Ronald)

2018-01-01

textabstractAggarwal, Joux, Prakash and Santha recently introduced a new potentially quantum-safe public-key cryptosystem, and suggested that a brute-force attack is essentially optimal against it. They consider but then dismiss both Meet-in-the-Middle attacks and LLL-based attacks. Very soon after

The political attack ad

Directory of Open Access Journals (Sweden)

Palma Peña-Jiménez, Ph.D.

2011-01-01

Full Text Available During election campaigns the political spot has a clear objective: to win votes. This message is communicated to the electorate through television and Internet, and usually presents a negative approach, which includes a direct critical message against the opponent, rather than an exposition of proposals. This article is focused on the analysis of the campaign attack video ad purposely created to encourage the disapproval of the political opponent among voters. These ads focus on discrediting the opponent, many times, through the transmission of ad hominem messages, instead of disseminating the potential of the political party and the virtues and manifesto of its candidate. The article reviews the development of the attack ad since its first appearance, which in Spain dates back to 1996, when the famous Doberman ad was broadcast, and examines the most memorable campaign attack ads.

Robust Detection of Stepping-Stone Attacks

National Research Council Canada - National Science Library

He, Ting; Tong, Lang

2006-01-01

The detection of encrypted stepping-stone attack is considered. Besides encryption and padding, the attacker is capable of inserting chaff packets and perturbing packet timing and transmission order...

A Framework for Attack-Resilient Industrial Control Systems : Attack Detection and Controller Reconfiguration

OpenAIRE

Paridari, Kaveh; O'Mahony, Niamh; Mady, Alie El-Din; Chabukswar, Rohan; Boubekeur, Menouer; Sandberg, Henrik

2017-01-01

Most existing industrial control systems (ICSs), such as building energy management systems (EMSs), were installed when potential security threats were only physical. With advances in connectivity, ICSs are now, typically, connected to communications networks and, as a result, can be accessed remotely. This extends the attack surface to include the potential for sophisticated cyber attacks, which can adversely impact ICS operation, resulting in service interruption, equipment damage, safety c...

An Adaptive Approach for Defending against DDoS Attacks

Directory of Open Access Journals (Sweden)

Muhai Li

2010-01-01

Full Text Available In various network attacks, the Distributed Denial-of-Service (DDoS attack is a severe threat. In order to deal with this kind of attack in time, it is necessary to establish a special type of defense system to change strategy dynamically against attacks. In this paper, we introduce an adaptive approach, which is used for defending against DDoS attacks, based on normal traffic analysis. The approach can check DDoS attacks and adaptively adjust its configurations according to the network condition and attack severity. In order to insure the common users to visit the victim server that is being attacked, we provide a nonlinear traffic control formula for the system. Our simulation test indicates that the nonlinear control approach can prevent the malicious attack packets effectively while making legitimate traffic flows arrive at the victim.

Countermeasures for unintentional and intentional video watermarking attacks

Science.gov (United States)

Deguillaume, Frederic; Csurka, Gabriela; Pun, Thierry

2000-05-01

These last years, the rapidly growing digital multimedia market has revealed an urgent need for effective copyright protection mechanisms. Therefore, digital audio, image and video watermarking has recently become a very active area of research, as a solution to this problem. Many important issues have been pointed out, one of them being the robustness to non-intentional and intentional attacks. This paper studies some attacks and proposes countermeasures applied to videos. General attacks are lossy copying/transcoding such as MPEG compression and digital/analog (D/A) conversion, changes of frame-rate, changes of display format, and geometrical distortions. More specific attacks are sequence edition, and statistical attacks such as averaging or collusion. Averaging attack consists of averaging locally consecutive frames to cancel the watermark. This attack works well for schemes which embed random independent marks into frames. In the collusion attack the watermark is estimated from single frames (based on image denoising), and averaged over different scenes for better accuracy. The estimated watermark is then subtracted from each frame. Collusion requires that the same mark is embedded into all frames. The proposed countermeasures first ensures robustness to general attacks by spread spectrum encoding in the frequency domain and by the use of an additional template. Secondly, a Bayesian criterion, evaluating the probability of a correctly decoded watermark, is used for rejection of outliers, and to implement an algorithm against statistical attacks. The idea is to embed randomly chosen marks among a finite set of marks, into subsequences of videos which are long enough to resist averaging attacks, but short enough to avoid collusion attacks. The Bayesian criterion is needed to select the correct mark at the decoding step. Finally, the paper presents experimental results showing the robustness of the proposed method.

Link-layer Jamming Attacks on S-MAC

NARCIS (Netherlands)

Law, Y.W.; Hartel, Pieter H.; den Hartog, Jeremy; Havinga, Paul J.M.

2004-01-01

We argue that among denial-of-service (DoS) attacks, link-layer jamming is a more attractive option to attackers than radio jamming is. By exploiting the semantics of the link-layer protocol (aka MAC protocol), an attacker can achieve better efficiency than blindly jamming the radio signals alone.

Link-layer jamming attacks on S-MAC

NARCIS (Netherlands)

Law, Y.W.; Hartel, Pieter H.; den Hartog, Jeremy; Havinga, Paul J.M.

We argue that among denial-of-service (DoS) attacks, link-layer jamming is a more attractive option to attackers than radio jamming is. By exploiting the semantics of the link-layer protocol (aka MAC protocol), an attacker can achieve better efficiency than blindly jamming the radio signals alone.

A computer network attack taxonomy and ontology

CSIR Research Space (South Africa)

Van Heerden, RP

2012-01-01

Full Text Available of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example, after the launch of a DDOS (Distributed Denial of Service) attack, zombie computers may still connect to the target...-scrap- value-of-a-hacked-pc-revisited/ . Lancor, L., & Workman, R. (2007). Using Google Hacking to Enhance Defense Strategies. ACM SIGCSE Bulletin, 39 (1), 491-495. Lau, F., Rubin, S. H., Smith, M. H., & Trajkovic, L. (2000). Distributed Denial of Service...

Sleep bruxism possibly triggered by multiple sclerosis attacks and treated successfully with botulinum toxin: Report of three cases.

Science.gov (United States)

Sevim, Serhan; Kaleağası, Hakan; Fidancı, Halit

2015-09-01

Sleep bruxism refers to a nocturnal parafunctional activity including the clenching, grinding or gnashing of teeth. While most of the nocturnal bruxism cases seen in the general population are apparently idiopathic, it has been reported to be associated with a range of neurological diseases such as Huntington's disease, cranio-cervical dystonia and post-anoxic brain damage, but not multiple sclerosis (MS). We describe three cases of MS patients who have had moderate to severe complaints of bruxism in the two weeks following their relevant MS attacks. None of the three patients had a diagnosis of bruxism prior to her attack. The diagnosis was confirmed in one out of three by a polysomnography. One patient did not have any complaints related to bruxism previous to her attack, whereas two had mild and infrequent complaints. The symptoms of the relevant attacks were left hemihypesthesia in all and hemiparesis in two. None of the patients had spasticity that could result in severe teeth clenching. All three patients presented with morning headaches and jaw pain or tightness and were treated successfully with botulinum toxin (Btx) injections applied to their masseter and temporalis muscles. The cause of bruxism is controversial but lesions of the cortico-basalganglia-thalamo-cotrical loops are thought to be most likely. However, acute or chronic lesions in those pathways were not demonstrated in the 3 patients. It is feasible that they had normal appearing white matter interruptions in their cortico-basalganglia-thalamocortical loops along with their relevant attack. Copyright © 2015 Elsevier B.V. All rights reserved.

Unified communications forensics anatomy of common UC attacks

CERN Document Server

Grant, Nicholas Mr

2013-01-01

Unified Communications Forensics: Anatomy of Common UC Attacks is the first book to explain the issues and vulnerabilities and demonstrate the attacks, forensic artifacts, and countermeasures required to establish a secure (UC) environment. This book is written by leading UC experts Nicholas Grant and Joseph W. Shaw II and provides material never before found on the market, including: analysis of forensic artifacts in common UC attacks an in-depth look at established UC technologies and attack exploits hands-on understanding of UC attack vectors and associated countermeasures

Aplicação de PHP, Javascript, CSS e MySQL na Criação do Portal de Agro@mbiente On-line. = Application of PHP, Javascript, CSS and MySQL in the creation of Agro@mbiente On-line’s web site.

Directory of Open Access Journals (Sweden)

Luciano S. Neucamp

2007-12-01

Full Text Available Descrevemos uma aplicação conjunta de PHP, Javascript, CSS e MySQL na criação do Portal de Agro@mbiente On-line, a revista científica eletrônica do Centro de Ciências Agrárias da Universidade Federal de Roraima - Brasil. A metodologia de desenvolvimento do site foi planejada para construir uma interface de navegação simples, interativa e esteticamente amigável; assim como construir um banco de dados simples mais robusto para fornecer suporte quanto à estatística de gestão do periódico. = We described an application of PHP, Javascript, CSS and MySQL beside in the creation of Agro@mbiente On-line’s web site, the Scientific e-Magazine of the Centro de Ciências Agrárias of the Universidade Federal de Roraima - Brazil. The methodology of site’s development was planned to build an interface of simple sailing, iterative and esthetical friendly; as well as building a more robust simple database to supply support with relationship to the statistics of administration of themagazine.

Attacks and countermeasures on AES and ECC

DEFF Research Database (Denmark)

Tange, Henrik; Andersen, Birger

2013-01-01

AES (Advanced Encryption Standard) is widely used in LTE and Wi-Fi communication systems. AES has recently been exposed to new attacks which have questioned the overall security of AES. The newest attack is a so called biclique attack, which is using the fact that the content of the state array...

Classifying network attack scenarios using an ontology

CSIR Research Space (South Africa)

Van Heerden, RP

2012-03-01

Full Text Available ) or to the target?s reputation. The Residue sub-phase refers to damage or artefacts of the attack that occur after the attack goal has been achieved, and occurs because the attacker loses control of some systems. For example after the launch of a DDOS..., A. (1995). Hacking theft of $10 million from citibank revealed. Retrieved 10/10, 2011, from http://articles.latimes.com/1995-08-19/business/fi-36656_1_citibank-system Hurley, E. (2004). SCO site succumbs to DDoS attack. Retrieved 10/10, 2011, from...

Modelling Social-Technical Attacks with Timed Automata

DEFF Research Database (Denmark)

David, Nicolas; David, Alexandre; Hansen, Rene Rydhof

2015-01-01

. In this paper we develop an approach towards modelling socio-technical systems in general and socio-technical attacks in particular, using timed automata and illustrate its application by a complex case study. Thanks to automated model checking and automata theory, we can automatically generate possible attacks...... in our model and perform analysis and simulation of both model and attack, revealing details about the specific interaction between attacker and victim. Using timed automata also allows for intuitive modelling of systems, in which quantities like time and cost can be easily added and analysed....

Quantitative Verification and Synthesis of Attack-Defence Scenarios

DEFF Research Database (Denmark)

Aslanyan, Zaruhi; Nielson, Flemming; Parker, David

2016-01-01

analysis of quantitative properties of complex attack-defence scenarios, using an extension of attack-defence trees which models temporal ordering of actions and allows explicit dependencies in the strategies adopted by attackers and defenders. We adopt a game-theoretic approach, translating attack...... which guarantee or optimise some quantitative property, such as the probability of a successful attack, the expected cost incurred, or some multi-objective trade-off between the two. We implement our approach, building upon the PRISM-games model checker, and apply it to a case study of an RFID goods...

Situational awareness of a coordinated cyber attack

Science.gov (United States)

Sudit, Moises; Stotz, Adam; Holender, Michael

2005-03-01

As technology continues to advance, services and capabilities become computerized, and an ever increasing amount of business is conducted electronically the threat of cyber attacks gets compounded by the complexity of such attacks and the criticality of the information which must be secured. A new age of virtual warfare has dawned in which seconds can differentiate between the protection of vital information and/or services and a malicious attacker attaining their goal. In this paper we present a novel approach in the real-time detection of multistage coordinated cyber attacks and the promising initial testing results we have obtained. We introduce INFERD (INformation Fusion Engine for Real-time Decision-making), an adaptable information fusion engine which performs fusion at levels zero, one, and two to provide real-time situational assessment and its application to the cyber domain in the ECCARS (Event Correlation for Cyber Attack Recognition System) system. The advantages to our approach are fourfold: (1) The complexity of the attacks which we consider, (2) the level of abstraction in which the analyst interacts with the attack scenarios, (3) the speed at which the information fusion is presented and performed, and (4) our disregard for ad-hoc rules or a priori parameters.

Anti-discrimination Analysis Using Privacy Attack Strategies

KAUST Repository

Ruggieri, Salvatore

2014-09-15

Social discrimination discovery from data is an important task to identify illegal and unethical discriminatory patterns towards protected-by-law groups, e.g., ethnic minorities. We deploy privacy attack strategies as tools for discrimination discovery under hard assumptions which have rarely tackled in the literature: indirect discrimination discovery, privacy-aware discrimination discovery, and discrimination data recovery. The intuition comes from the intriguing parallel between the role of the anti-discrimination authority in the three scenarios above and the role of an attacker in private data publishing. We design strategies and algorithms inspired/based on Frèchet bounds attacks, attribute inference attacks, and minimality attacks to the purpose of unveiling hidden discriminatory practices. Experimental results show that they can be effective tools in the hands of anti-discrimination authorities.

Cyberprints: Identifying Cyber Attackers by Feature Analysis

Science.gov (United States)

Blakely, Benjamin A.

2012-01-01

The problem of attributing cyber attacks is one of increasing importance. Without a solid method of demonstrating the origin of a cyber attack, any attempts to deter would-be cyber attackers are wasted. Existing methods of attribution make unfounded assumptions about the environment in which they will operate: omniscience (the ability to gather,…

Simulation of Attacks for Security in Wireless Sensor Network.

Science.gov (United States)

Diaz, Alvaro; Sanchez, Pablo

2016-11-18

The increasing complexity and low-power constraints of current Wireless Sensor Networks (WSN) require efficient methodologies for network simulation and embedded software performance analysis of nodes. In addition, security is also a very important feature that has to be addressed in most WSNs, since they may work with sensitive data and operate in hostile unattended environments. In this paper, a methodology for security analysis of Wireless Sensor Networks is presented. The methodology allows designing attack-aware embedded software/firmware or attack countermeasures to provide security in WSNs. The proposed methodology includes attacker modeling and attack simulation with performance analysis (node's software execution time and power consumption estimation). After an analysis of different WSN attack types, an attacker model is proposed. This model defines three different types of attackers that can emulate most WSN attacks. In addition, this paper presents a virtual platform that is able to model the node hardware, embedded software and basic wireless channel features. This virtual simulation analyzes the embedded software behavior and node power consumption while it takes into account the network deployment and topology. Additionally, this simulator integrates the previously mentioned attacker model. Thus, the impact of attacks on power consumption and software behavior/execution-time can be analyzed. This provides developers with essential information about the effects that one or multiple attacks could have on the network, helping them to develop more secure WSN systems. This WSN attack simulator is an essential element of the attack-aware embedded software development methodology that is also introduced in this work.