Verity: Blockchain Based Framework to Detect Insider Attacks in DBMS

Integrity and security of databases are maintained with access control policies and firewalls. However, insider attacks - where someone with administrative privileges tampers with the data - pose a unique challenge. In this paper, we propose Verity - first of a kind system to the best of our knowledge - to detect insider attacks in databases. Verity serves as a dataless framework by which any blockchain network can be used to store fixed-length fingerprints of tuples from any SQL database, without complete migration of the data. Verity uses a formalism for intercepting SQL queries and their results to check the respective tuples' integrity using the fingerprints stored on the blockchain, and detect an insider attack. We have implemented our technique using Hyperledger Fabric, and SQLite database. Using TPC-H data and CRUD (Create, Read, Update, Delete) SQL queries of varying complexity and nestings, our experiments demonstrate that any overhead of tuple integrity checking remains constant per tuple in a query's results, and scales linearly.