{"id":"https://openalex.org/W2114887958","doi":"https://doi.org/10.1145/2043556.2043567","title":"Intrusion recovery for database-backed web applications","display_name":"Intrusion recovery for database-backed web applications","publication_year":2011,"publication_date":"2011-10-23","ids":{"openalex":"https://openalex.org/W2114887958","doi":"https://doi.org/10.1145/2043556.2043567","mag":"2114887958"},"language":"en","primary_location":{"id":"doi:10.1145/2043556.2043567","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2043556.2043567","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"http://hdl.handle.net/1721.1/73667","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":null,"display_name":"Ramesh Chandra","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Ramesh Chandra","raw_affiliation_strings":["MIT CSAIL"],"affiliations":[{"raw_affiliation_string":"MIT CSAIL","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100743709","display_name":"Taesoo Kim","orcid":"https://orcid.org/0000-0002-7440-2067"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Taesoo Kim","raw_affiliation_strings":["MIT CSAIL"],"affiliations":[{"raw_affiliation_string":"MIT CSAIL","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5036834438","display_name":"Meelap Shah","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Meelap Shah","raw_affiliation_strings":["MIT CSAIL"],"affiliations":[{"raw_affiliation_string":"MIT CSAIL","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5037371592","display_name":"Neha Narula","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Neha Narula","raw_affiliation_strings":["MIT CSAIL"],"affiliations":[{"raw_affiliation_string":"MIT CSAIL","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5082808262","display_name":"Nickolai Zeldovich","orcid":"https://orcid.org/0000-0003-0238-2703"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Nickolai Zeldovich","raw_affiliation_strings":["MIT CSAIL"],"affiliations":[{"raw_affiliation_string":"MIT CSAIL","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":5,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":6.5774,"has_fulltext":false,"cited_by_count":57,"citation_normalized_percentile":{"value":0.96627569,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"101","last_page":"114"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8711807727813721},{"id":"https://openalex.org/keywords/rollback","display_name":"Rollback","score":0.5821853280067444},{"id":"https://openalex.org/keywords/scripting-language","display_name":"Scripting language","score":0.5605477094650269},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.555191695690155},{"id":"https://openalex.org/keywords/cross-site-scripting","display_name":"Cross-site scripting","score":0.5176866054534912},{"id":"https://openalex.org/keywords/sql-injection","display_name":"SQL injection","score":0.5175475478172302},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.5167307257652283},{"id":"https://openalex.org/keywords/sql","display_name":"SQL","score":0.4590209424495697},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.4558005630970001},{"id":"https://openalex.org/keywords/intrusion","display_name":"Intrusion","score":0.43747544288635254},{"id":"https://openalex.org/keywords/web-page","display_name":"Web page","score":0.3621257543563843},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.35203081369400024},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.2953648567199707},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.19339525699615479},{"id":"https://openalex.org/keywords/database-transaction","display_name":"Database transaction","score":0.1287962794303894},{"id":"https://openalex.org/keywords/query-by-example","display_name":"Query by Example","score":0.10908398032188416},{"id":"https://openalex.org/keywords/search-engine","display_name":"Search engine","score":0.07806053757667542}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8711807727813721},{"id":"https://openalex.org/C174220543","wikidata":"https://www.wikidata.org/wiki/Q395307","display_name":"Rollback","level":3,"score":0.5821853280067444},{"id":"https://openalex.org/C61423126","wikidata":"https://www.wikidata.org/wiki/Q187432","display_name":"Scripting language","level":2,"score":0.5605477094650269},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.555191695690155},{"id":"https://openalex.org/C39569185","wikidata":"https://www.wikidata.org/wiki/Q371199","display_name":"Cross-site scripting","level":5,"score":0.5176866054534912},{"id":"https://openalex.org/C150451098","wikidata":"https://www.wikidata.org/wiki/Q506059","display_name":"SQL injection","level":5,"score":0.5175475478172302},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.5167307257652283},{"id":"https://openalex.org/C510870499","wikidata":"https://www.wikidata.org/wiki/Q47607","display_name":"SQL","level":2,"score":0.4590209424495697},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.4558005630970001},{"id":"https://openalex.org/C158251709","wikidata":"https://www.wikidata.org/wiki/Q354025","display_name":"Intrusion","level":2,"score":0.43747544288635254},{"id":"https://openalex.org/C21959979","wikidata":"https://www.wikidata.org/wiki/Q36774","display_name":"Web page","level":2,"score":0.3621257543563843},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.35203081369400024},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.2953648567199707},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.19339525699615479},{"id":"https://openalex.org/C75949130","wikidata":"https://www.wikidata.org/wiki/Q848010","display_name":"Database transaction","level":2,"score":0.1287962794303894},{"id":"https://openalex.org/C194222762","wikidata":"https://www.wikidata.org/wiki/Q114486","display_name":"Query by Example","level":4,"score":0.10908398032188416},{"id":"https://openalex.org/C97854310","wikidata":"https://www.wikidata.org/wiki/Q19541","display_name":"Search engine","level":2,"score":0.07806053757667542},{"id":"https://openalex.org/C127313418","wikidata":"https://www.wikidata.org/wiki/Q1069","display_name":"Geology","level":0,"score":0.0},{"id":"https://openalex.org/C164120249","wikidata":"https://www.wikidata.org/wiki/Q995982","display_name":"Web search query","level":3,"score":0.0},{"id":"https://openalex.org/C17409809","wikidata":"https://www.wikidata.org/wiki/Q161764","display_name":"Geochemistry","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/2043556.2043567","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2043556.2043567","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles","raw_type":"proceedings-article"},{"id":"pmh:oai:dspace.mit.edu:1721.1/73667","is_oa":true,"landing_page_url":"http://hdl.handle.net/1721.1/73667","pdf_url":null,"source":{"id":"https://openalex.org/S4306400425","display_name":"DSpace@MIT (Massachusetts Institute of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I63966007","host_organization_name":"Massachusetts Institute of Technology","host_organization_lineage":["https://openalex.org/I63966007"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-sa","license_id":"https://openalex.org/licenses/cc-by-nc-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"MIT web domain","raw_type":"http://purl.org/eprint/type/ConferencePaper"}],"best_oa_location":{"id":"pmh:oai:dspace.mit.edu:1721.1/73667","is_oa":true,"landing_page_url":"http://hdl.handle.net/1721.1/73667","pdf_url":null,"source":{"id":"https://openalex.org/S4306400425","display_name":"DSpace@MIT (Massachusetts Institute of Technology)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I63966007","host_organization_name":"Massachusetts Institute of Technology","host_organization_lineage":["https://openalex.org/I63966007"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-sa","license_id":"https://openalex.org/licenses/cc-by-nc-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"MIT web domain","raw_type":"http://purl.org/eprint/type/ConferencePaper"},"sustainable_development_goals":[{"score":0.5799999833106995,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G3109896040","display_name":null,"funder_award_id":"N66001-10-2-4089","funder_id":"https://openalex.org/F4320332180","funder_display_name":"Defense Advanced Research Projects Agency"},{"id":"https://openalex.org/G6916664691","display_name":null,"funder_award_id":"CNS-1053143","funder_id":"https://openalex.org/F4320337388","funder_display_name":"Division of Computer and Network Systems"}],"funders":[{"id":"https://openalex.org/F4320332180","display_name":"Defense Advanced Research Projects Agency","ror":"https://ror.org/02caytj08"},{"id":"https://openalex.org/F4320337388","display_name":"Division of Computer and Network Systems","ror":"https://ror.org/02rdzmk74"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":28,"referenced_works":["https://openalex.org/W161296890","https://openalex.org/W1514763803","https://openalex.org/W1559528097","https://openalex.org/W1587265799","https://openalex.org/W1858703999","https://openalex.org/W1882645790","https://openalex.org/W1883937078","https://openalex.org/W1941427975","https://openalex.org/W2043994652","https://openalex.org/W2047085757","https://openalex.org/W2078524330","https://openalex.org/W2101198401","https://openalex.org/W2129860818","https://openalex.org/W2133741724","https://openalex.org/W2140409350","https://openalex.org/W2142892618","https://openalex.org/W2144801589","https://openalex.org/W2155750598","https://openalex.org/W2193288339","https://openalex.org/W2293069947","https://openalex.org/W2293351723","https://openalex.org/W2294081347","https://openalex.org/W2914563499","https://openalex.org/W4232895233","https://openalex.org/W6606537055","https://openalex.org/W6633462303","https://openalex.org/W6639295956","https://openalex.org/W6696473490"],"related_works":["https://openalex.org/W2955734438","https://openalex.org/W2167752994","https://openalex.org/W2775081089","https://openalex.org/W2504194819","https://openalex.org/W2407701912","https://openalex.org/W4256450364","https://openalex.org/W4238821156","https://openalex.org/W1982746004","https://openalex.org/W4245700610","https://openalex.org/W2791970934"],"abstract_inverted_index":{"Warp":[0,29,52,104,132],"is":[1],"a":[2,42,100,114,123,127,142,154],"system":[3],"that":[4,121],"helps":[5],"users":[6],"and":[7,21,47,90,106,160],"administrators":[8,54],"of":[9,38,87,99,113,144,156],"web":[10,101,128,146],"applications":[11],"recover":[12,67,118,140],"from":[13,31,68,119,141],"intrusions":[14,69],"such":[15],"as":[16],"SQL":[17],"injection,":[18],"cross-site":[19],"scripting,":[20],"clickjacking":[22],"attacks,":[23],"while":[24],"preserving":[25],"legitimate":[26,50],"user":[27,108,151],"changes.":[28],"repairs":[30],"an":[32],"intrusion":[33],"by":[34],"rolling":[35],"back":[36],"parts":[37],"the":[39,45,72,111],"database":[40,83,88],"to":[41,55,64,74,93,117,139],"version":[43],"before":[44],"attack,":[46],"replaying":[48],"subsequent":[49],"actions.":[51],"allows":[53,84],"retroactively":[56],"patch":[57],"security":[58,62],"vulnerabilities---i.e.,":[59],"apply":[60],"new":[61],"patches":[63],"past":[65],"executions---to":[66],"without":[70],"requiring":[71],"administrator":[73],"track":[75],"down":[76],"or":[77],"even":[78],"detect":[79],"attacks.":[80],"Warp's":[81],"time-travel":[82],"fine-grained":[85],"rollback":[86],"rows,":[89],"enables":[91],"repair":[92],"proceed":[94],"concurrently":[95],"with":[96,149],"normal":[97],"operation":[98],"application.":[102],"Finally,":[103],"captures":[105],"replays":[107],"input":[109,152],"at":[110,153],"level":[112],"browser's":[115],"DOM,":[116],"attacks":[120],"involve":[122],"user's":[124],"browser.":[125],"For":[126],"server":[129],"running":[130],"MediaWiki,":[131],"requires":[133],"no":[134],"application":[135,147],"source":[136],"code":[137],"changes":[138],"range":[143],"common":[145],"vulnerabilities":[148],"minimal":[150],"cost":[155],"24--27%":[157],"in":[158,163],"throughput":[159],"2--3.2":[161],"GB/day":[162],"storage.":[164]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":6},{"year":2020,"cited_by_count":6},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":4},{"year":2017,"cited_by_count":2},{"year":2016,"cited_by_count":11},{"year":2015,"cited_by_count":3},{"year":2014,"cited_by_count":4},{"year":2013,"cited_by_count":9},{"year":2012,"cited_by_count":2}],"updated_date":"2026-04-21T08:09:41.155169","created_date":"2025-10-10T00:00:00"}