Biblio

Based on the analysis of material performance data management requirements, a network-sharing scheme of material performance data is proposed. A material performance database system including material performance data collection, data query, data analysis, data visualization, data security management and control modules is designed to solve the problems of existing material performance database network sharing, data fusion and multidisciplinary support, and intelligent services Inadequate standardization and data security control. This paper adopts hierarchical access control strategy. After logging into the material performance database system, users can standardize the material performance data and store them to form a shared material performance database. The standardized material performance data of the database system shall be queried and shared under control according to the authority. Then, the database system compares and analyzes the material performance data obtained from controlled query sharing. Finally, the database system visualizes the shared results of controlled queries and the comparative analysis results obtained. The database system adopts the MVC architecture based on B/S (client/server) cross platform J2EE. The Third-party computing platforms are integrated in System. Users can easily use material performance data and related services through browsers and networks. MongoDB database is used for data storage, supporting distributed storage and efficient query.

Data Analytics is at the core of almost all modern ap-plications ranging from science and finance to healthcare and web applications. The evolution of data analytics over the last decade has been dramatic - new methods, new tools and new platforms - with no slowdown in sight. This rapid evolution has pushed the boundaries of data analytics along several axis including scalability especially with the rise of distributed infrastructures and the Big Data era, and interoperability with diverse data management systems such as relational databases, Hadoop and Spark. However, many analytic application developers struggle with the challenge of production deployment. Recent experience suggests that it is difficult to deliver modern data analytics with the level of reliability, security and manageability that has been a feature of traditional SQL DBMSs. In this tutorial, we discuss the advances and innovations introduced at both the infrastructure and algorithmic levels, directed at making analytic workloads scale, while paying close attention to the kind of quality of service guarantees different technology provide. We start with an overview of the classical centralized analytical techniques, describing the shift towards distributed analytics over non-SQL infrastructures. We contrast such approaches with systems that integrate analytic functionality inside, above or adjacent to SQL engines. We also explore how Cloud platforms' virtualization capabilities make it easier - and cheaper - for end users to apply these new analytic techniques to their data. Finally, we conclude with the learned lessons and a vision for the near future.

Databases are at the heart of modern applications and any threats to them can seriously endanger the safety and functionality of applications relying on the services offered by a DBMS. It is therefore pertinent to identify key risks to the secure operation of a database system. This paper identifies the key risks, namely, SQL injection, weak audit trails, access management issues and issues with encryption. A malicious actor can get help from any of these issues. It can compromise integrity, availability and confidentiality of the data present in database systems. The paper also identifies various means and ways to defend against these issues and remedy them. This paper then proceeds to identify from the literature, the potential solutions to these ameliorate the threat from these vulnerabilities. It proposes the usage of encryption to protect the data from being breached and leveraging encrypted databases such as CryptoDB. Better access control norms are suggested to prevent unauthorized access, modification and deletion of the data. The paper also recommends ways to prevent SQL injection attacks through techniques such as prepared statements.

For multi-source heterogeneous complex data types of data cleaning and visual display, we proposed to build dynamic multimode visualization analysis tool, according to the different types of data designed by the user in accordance with the data model, and use visualization technology tools to build and use CQRS technology to design, external interface using a RESTFul architecture, The domain model and data query are completely separated, and the underlying data store adopts Hbase, ES and relational database. Drools is adopted in the data flow engine. According to the internal algorithm, three kinds of graphs can be output, namely, transaction relationship network analysis graph, capital flow analysis graph and transaction timing analysis graph, which can reduce the difficulty of analysis and help users to analyze data in a more friendly way

Terrorism, and radicalization are major economic, political, and social issues faced by the world in today's era. The challenges that governments and citizens face in combating terrorism are growing by the day. Artificial intelligence, including machine learning and deep learning, has shown promising results in predicting terrorist attacks. In this paper, we attempted to build a machine learning model to predict terror activities using a global terrorism database in both relational and graphical forms. Using the Neo4j Sandbox, you can create a graph database from a relational database. We used the node2vec algorithm from Neo4j Sandbox's graph data science library to convert the high-dimensional graph to a low-dimensional vector form. In order to predict terror activities, seven machine learning models were used, and the performance parameters that were calculated were accuracy, precision, recall, and F1 score. According to our findings, the Logistic Regression model was the best performing model which was able to classify the dataset with an accuracy of 0.90, recall of 0.94 precision of 0.93, and an F1 score of 0.93.

It is proposed to address existing methodological issues in the educational process with the development of intellectual technologies and knowledge representation systems to improve the efficiency of higher education institutions. For this purpose, the structure of relational database is proposed, it will store the information about defended dissertations in the form of a set of attributes (heuristics), representing the mandatory qualification attributes of theses. An inference algorithm is proposed to process the information. This algorithm represents an artificial intelligence, its work is aimed at generating queries based on the applicant preferences. The result of the algorithm's work will be a set of choices, presented in ranked order. Given technologies will allow applicants to quickly become familiar with known scientific results and serve as a starting point for new research. The demand for co-researcher practice in solving the problem of updating the projective thinking methodology and managing the scientific research process has been justified. This article pays attention to the existing parallels between the concepts of technical and human sciences in the framework of their convergence. The concepts of being (economic good and economic utility) and the concepts of consciousness (humanitarian economic good and humanitarian economic utility) are used to form projective thinking. They form direct and inverse correspondences of technology and humanitarian practice in the techno-humanitarian mathematical space. It is proposed to place processed information from the language of context-free formal grammar dissertation abstracts in this space. The principle of data manipulation based on formal languages with context-free grammar allows to create new structures of subject areas in terms of applicants' preferences.It is believed that the success of applicants’ work depends directly on the cognitive training of applicants, which needs to be practiced psychologically. This practice is based on deepening the objectivity and adequacy qualities of obtaining information on the basis of heuristic methods. It requires increased attention and development of intelligence. The paper studies the use of heuristic methods by applicants to find new research directions leads to several promising results. These results can be perceived as potential options in future research. This contributes to an increase in the level of retention of higher education professionals.

Managing and storing big data is non-trivial for traditional relational databases (RDBMS). Therefore, the NoSQL (Not Only SQL) database management system emerged. It is ca-pable of handling the vast amount and the heterogeneity of data. In this research, we are interested in one of its trending types, the graph database, namely, the Directed Property Graph (DPG). This type of database is powerful in dealing with complex relationships (\$\textbackslashmathrme.\textbackslashmathrmg\$., social networks). However, its sen-sitive and private data must be protected against unauthorized access. This research proposes a security model that aims at exploiting and combining the benefits of Access Control, View-Based, and Query-Rewriting approaches. This is a novel combination for securing DPG.

Nowadays, data is essential in several fields, such as science, finance, medicine, and transportation, which means its value continues to rise. Relational databases are vulnerable to copyright threats when transmitted and shared as a carrier of data. The watermarking technique is seen as a partial solution to the problem of securing copyright ownership. However, most of them are currently restricted to numerical attributes in relational databases, limiting their versatility. Furthermore, they modify the source data to a large extent, failing to keep the characteristics of the original database, and they are susceptible to solid malicious attacks. This paper proposes a new robust reversible watermarking technique, Fields Based Inserting Position Tuples algorithm (FBIPT), for relational databases. FBIPT does not modify the original database directly; instead, it inserts some position tuples based on three Fields―Group Field, Feature Field, and Control Field. Field information can be calculated by numeric attributes and any attribute that can be transformed into binary bits. FBIPT technique retains all the characteristics of the source database, and experimental results prove the effectiveness of FBIPT and show its highly robust performance compared to state-of-the-art watermarking schemes.

The outsourcing of databases is very popular among IT companies and industries. It acts as a solution for businesses to ensure availability of the data for their users. The solution of outsourcing the database is to encrypt the data in a form where the database service provider can perform relational operations over the encrypted database. At the same time, the associated security risk of data leakage prevents many potential industries from deploying it. In this paper, we present a secure outsourcing database search scheme (BASDB) with the use of a smart contract for search operation over index of encrypted database and storing encrypted relational database in the cloud. Our proposed scheme BASDB is a simple and practical solution for effective search on encrypted relations and is well resistant to information leakage against attacks like search and access pattern leakage.

In this paper, we proposed a data security model of a big data analytical environment in the financial sector. Big Data can be seen as a trend in the advancement of technology that has opened the door to a new approach to understanding and decision making that is used to describe the vast amount of data (structured, unstructured and semi-structured) that is too time consuming and costly to load a relational database for analysis. The increase in cybercriminal attacks on an organization’s assets results in organizations beginning to invest in and care more about their cybersecurity points and controls. The management of business-critical data is an important point for which robust cybersecurity controls should be considered. The proposed model is applied in a datalake and allows the identification of security gaps on an analytical repository, a cybersecurity risk analysis, design of security components and an assessment of inherent risks on high criticality data in a repository of a regulated financial institution. The proposal was validated in financial entities in Lima, Peru. Proofs of concept of the model were carried out to measure the level of maturity focused on: leadership and commitment, risk management, protection control, event detection and risk management. Preliminary results allowed placing the entities in level 3 of the model, knowing their greatest weaknesses, strengths and how these can affect the fulfillment of business objectives.

This paper proposes a logic-based machine learning approach called Acuity which is designed to facilitate user-guided elucidation of novel phenomena from evidence sparsely distributed across large volumes of linked relational data. The work builds on systems from the field of Inductive Logic Programming (ILP) by introducing a suite of new techniques for interacting with domain experts and data sources in a way that allows complex logical reasoning to be strategically exploited on large real-world databases through intuitive hypothesis-shaping and data-caching functionality. We propose two methods for rebutting or shaping candidate hypotheses and two methods for querying or importing relevant data from multiple sources. The benefits of Acuity are illustrated in a proof-of-principle case study involving a retrospective analysis of the CryptoWall ransomware attack using data from a cyber security testbed comprising a small business network and an infected laptop.

Structured Query Language (SQL) is extensively used for storing, manipulating and retrieving information in the relational database management system. Using SQL statements, attackers will try to gain unauthorized access to databases and launch attacks to modify/retrieve the stored data, such attacks are called as SQL injection attacks. Such SQL Injection (SQLi) attacks tops the list of web application security risks of all the times. Identifying and mitigating the potential SQL attack statements before their execution can prevent SQLi attacks. Various techniques are proposed in the literature to mitigate SQLi attacks. In this paper, a random decision forest approach is introduced to mitigate SQLi attacks. From the experimental results, we can infer that the proposed approach achieves a precision of 97% and an accuracy of 95%.

Quasi-identifier is an attribute combined with other attributes to identify specific tuples or partial tuples. Improper selection of quasi-identifiers will lead to the failure of current privacy protection anonymization technology. Therefore, in this paper, we propose a method to solve single structured relational data quasi-identifiers based on functional dependency and determines the attribute classification standard. Firstly, the solution scope of quasi-identifier is determined to be all attributes except identity attributes and critical attributes. Secondly, the real data set is used to evaluate the dependency relationship between the indefinite attribute subset and the identity attribute to solve the quasi-identifiers set. Finally, we propose an algorithm to find all quasi-identifiers and experiment on real data sets of different sizes. The results show that our method can achieve better performance on the same dataset.

Sharing relational databases on the Internet creates the need to protect these databases. Its output in substantial losses to the data storing systems because of unauthorized access to information that could lose novelty. The research associations use the research databases to mine new information about the research works of the relational databases that are available for free. It is a great challenge to maintain authenticity because these databases are vulnerable to security issues. Watermarking is a candidate solution that fully protects databases shared with the receiver. The protection of relational database ownership that may continue to evolve against the various aquatic mechanisms shared with the recipient that arouses appetite for attacks and must continue to evolve so that they can have database knowledge to support their decision-making system is effective. The relational database based onVirtual private key Watermarking using numeric attribute) involves embedding the same watermark in the same properties in different places in the same place. Therefore, data attackers cannot remove watermarks from data. The proposed strategy is to work by inserting watermark bits in such a way that it causes minimal distortion in the data and the data usability must remain intact after the data is watermarked. The proposed strategy is to work by inserting watermark bits in such a way that it causes minimal distortion in the data and the ability to use the data after watermarking the data must remain intact. The existence of a primary key is the main feature or compulsory item for most of the strategies. Our method provides solutions no primary key feature where the integrating search system of the database remains intact after watermarking distortion.

Data on software vulnerabilities, products and exploits is typically collected from multiple non-structured sources. Valuable information, e.g., on which products are affected by which exploits, is conveyed by matching data from those sources, i.e., through their relations. In this paper, we leverage this simple albeit unexplored observation to introduce a statistical relational learning (SRL) approach for the analysis of vulnerabilities, products and exploits. In particular, we focus on the problem of determining the existence of an exploit for a given product, given information about the relations between products and vulnerabilities, and vulnerabilities and exploits, focusing on Industrial Control Systems (ICS), the National Vulnerability Database and ExploitDB. Using RDN-Boost, we were able to reach an AUC ROC of 0.83 and an AUC PR of 0.69 for the problem at hand. To reach that performance, we indicate that it is instrumental to include textual features, e.g., extracted from the description of vulnerabilities, as well as structured information, e.g., about product categories. In addition, using interpretable relational regression trees we report simple rules that shed insight on factors impacting the weaponization of ICS products.

Many information systems have been around for several decades, and most of them have their underlying databases. The data accumulated in those databases over the years could be a very valuable asset, which must be protected. The first role of database auditing is to ensure and confirm that security measures are set correctly. However, tracing user behavior and collecting a rich audit trail enables us to use that trail in a more proactive ways. As an example, audit trail could be analyzed ad hoc and used to prevent intrusion, or analyzed afterwards, to detect user behavior patterns, forecast workloads, etc. In this paper, we present a simple, secure, configurable, role-separated, and effective in-database auditing subsystem, which can be used as a base for access control, intrusion detection, fraud detection and other security-related analyses and procedures. It consists of a management relations, code and data object generators and several administrative tools. This auditing subsystem, implemented in several information systems, is capable of keeping the entire audit trail (data history) of a database, as well as all the executed SQL statements, which enables different security applications, from ad hoc intrusion prevention to complex a posteriori security analyses.

The advancement of technology in the creation of new tools to solve problems such as information storage generates proportionally developing methods that search for security flaws or breaches that compromise said information. The need to periodically generate security reports on database managers is given by the complexity and number of attacks that can be carried out today. This project seeks to carry out an evaluation of the security of NoSQL database managers. The work methodology is developed according to the order of the objectives, it begins by synthesizing the types of vulnerabilities, attacks and protection schemes limited to MongoDB, Redis and Apache Cassandra. Once established, a prototype of a web system that stores information with a non-relational database will be designed on which a series of attacks defined by a test plan will be applied seeking to add, consult, modify or eliminate information. Finally, a report will be presented that sets out the attacks carried out, the way in which they were applied, the results, possible countermeasures, security advantages and disadvantages for each manager and the conclusions obtained. Thus, it is possible to select which tool is more convenient to use for a person or organization in a particular case. The results showed that MongoDB is more vulnerable to NoSQL injection attacks, Redis is more vulnerable to attacks registered in the CVE and that Cassandra is more complex to use but is less vulnerable.

In this paper, we propose a zero-distortion blind reversible robust scheme for watermarking relational databases called PKMark. Data owner can declare the copyright of the databases or pursue the infringement by extracting the water-mark information embedded in the database. PKMark is mainly based on the primary key attribute of the tuple. So it does not depend on the type of the attribute, and can provide high-precision numerical attributes. PKMark uses RSA encryption on the watermark before embedding the watermark to ensure the security of the watermark information. Then we use RSA to sign the watermark cipher text so that the owner can verify the ownership of the watermark without disclosing the watermark. The watermark embedding and extraction are based on the hash value of the primary key, so the scheme has blindness and reversibility. In other words, the user can obtain the watermark information or restore the original database without comparing it to the original database. Our scheme also has almost excellent robustness against addition attacks, deletion attacks and alteration attacks. In addition, PKMark is resistant to additive attacks, allowing different users to embed multiple watermarks without interfering with each other, and it can indicate the sequence of watermark embedding so as to indicate the original copyright owner of the database. This watermarking scheme also allows data owners to detect whether the data has been tampered with.

Relational database management systems not only support larger-than-memory data processing and very advanced query optimization, but also offer the benefits of data security, privacy, and consistency. When machine learning on large data sets is processed directly on an existing SQL database server, the data does not need to be exported and transferred to a separate big data processing platform. To achieve this, we implement a linear regression algorithm using SQL code generation such that the computation can be performed server-side and directly in the RDBMs. Our method and its implementation, programmed in Python, solves linear regression (LR) using the ordinary least squares (OLS) method directly in the RDBMS using SQL code generation, leaving most of the processing in the database. Only the matrix of the system of equations, whose size is equal to the number of variables squared, is transferred from the SQL server to the Python client to be solved for OLS regression. For evaluation purposes, our LR implementation was tested with artificially generated datasets and compared to an existing Python library (Scikit Learn). We found that our implementation consistently solves OLS regression faster than Scikit Learn for datasets with more than 10,000 input rows, and if the number of columns is less than 64. Moreover, under the same test conditions where the computation is larger than memory, our implementation showed a fast result, while Scikit returned an out-of-memory error. We conclude that SQL is a promising tool for in-database processing of large-volume, low-dimensional data sets with a particular class of machine learning algorithms, namely those that can be efficiently solved with map-reduce queries such as OLS regression.

With the continuous emergence of cloud computing technology, cloud infrastructure software will become the mainstream application model in the future. Among the databases, relational databases occupy the largest market share. Therefore, the relational cloud database will be the main product of the combination of database technology and cloud computing technology, and will become an important branch of the database industry. This article explores the establishment of an evaluation system framework for relational databases, helping enterprises to select relational cloud database products according to a clear goal and path. This article can help enterprises complete the landing of relational cloud database projects.

The heterogeneous massive logs incoming from multiple sources pose major challenges to professionals responsible for IT security and system administrator. One of the challenges is to develop a scalable heterogeneous logs database for storage and further analysis. In fact, it is difficult to decide which database is suitable for the needs, the best of a use case, execution time and storage performances. In this paper, we explore, study, and compare the performance of SQL and NoSQL databases on large heterogeneous event logs. We implement the relational database using MySQL, the column-oriented database using Impala on the top of Hadoop, and the graph database using Neo4j. We experiment the databases on a large heterogeneous logs and provide advice, the pros and cons of each SQL and NoSQL database. Our findings that Impala outperforms MySQL and Neo4j databases in terms of loading logs, execution time of simple queries, and storage of logs. However, Neo4j outperforms Impala and MySQL in the execution time of complex queries.

The advancing information technology is playing more and more important role in data mining of relational database.1 The transfer and sharing of databases cause the copyright-related security threats. Database watermarking technology can effectively solve the problem with copyright protection and traceability, which has been attracting researchers' attention. In this paper, we proposed a novel, robust and reversible database watermarking technique, named histogram shifting watermarking based on random forest and genetic algorithm (RF-GAHCSW). It greatly improves the watermark capacity by means of histogram width reduction and eliminates the impact of the prediction error attack. Meanwhile, random forest algorithm is used to select important attributes for watermark embedding, and genetic algorithm is employed to find the optimal secret key for the database grouping and determine the position of watermark embedding to improve the watermark capacity and reduce data distortion. The experimental results show that the robustness of RF-GAHCSW is greatly improved, compared with the original HSW, and the distortion has little effect on the usability of database.

Criminals do money laundry to hide the illegitimate sources of money to show as if their money is of a legitimate source. Money laundry has many stages that money flow has to go through to finally look as if it is of a legitimate source, rule-based systems are implemented across different banks to detect structuring which is one technique of the layering stage which sophisticated criminals can evade by unsatisfying the check rules. In this work, graph database and graph data mining are to be used to overcome this limitation, the proposed technique does this by plotting the whole transactional monetary flow of entities doing money transfers between each other as one large graph database and then detecting clusters of entities interacting with each other, afterwards detection of the most influential node (intended destination) which we consider the destination to which huge amounts of money is intended to flow to (criminal`s account) using PageRank algorithm and eventually detecting all members (Smurfs) of participated in the paths leading to that destination, a technique that would be hard to implement using traditional RDBMS in contrary to Graph DB, our results have proven correct detection of clusters as well as the final destination of the monetary flow (criminal`s account).

This Transparent Data Encryption (TDE) can provide enormous benefits to the Relational Databases in the aspects of Data Security, Cryptographic Encryption, and Compliances. For every transaction, the stored data must be decrypted before applying the updates as well as should be encrypted before permanently storing back at the storage level. By adding this extra functionality to the database, the general thinking denotes that the Database (DB) going to hit some performance overhead at the CPU and storage level. However, The Oracle Corporation has adversely claimed that their latest Oracle DB version 19c TDE feature can provide significant improvement in the optimization of CPU and no overhead at the storage level for data processing. Impressively, it is true. the results of this paper prove too. Most interestingly the results also revealed about highly impacted components in the servers which are not yet disclosed in any of the previous research work. This paper completely concentrates on CPU, IO, and RAM performance analysis and identifying the bottlenecks along with possible solutions.

Many cloud services perform periodic database backup to keep the data safe from failures such as sudden system crashes. In the database system, two techniques are widely used for data backup and recovery: a physical backup and a logical backup. The physical backup uses raw data by copying the files in the database, whereas the logical backup extracts data from the database and dumps it into separated files as a sequence of query statements. Both techniques support a full backup strategy that contains data of the entire database and incremental backup strategy that contains changed data since a previous backup. However, both strategies require additional I/O operations to perform the backup and need a long time to restore a backup. In this paper, we propose an efficient backup and recovery scheme by exploiting write-ahead logging (WAL) in database systems. In the proposed scheme, for backup, we devise a backup system to use log data generated by the existing WAL to eliminate the additional I/O operations. To restore a backup, we utilize and optimize the existing crash recovery procedure of WAL to reduce recovery time. For example, we divide the recovery range and applying the backup data for each range independently via multiple threads. We implement our scheme in MySQL, a popular database management system. The experimental result demonstrates that the proposed scheme provides instant backup while reducing recovery time compared with the existing schemes.