Databases are the key component of most computer systems today. Because of the valuable and sensitive data they store and process, these database systems have become the primary target of digital attacks. For example, confidential information (e.g., social security number, home address) of over 140 million people is leaked in 2017 from Equifax, one of US’s largest credit reporting companies.

This prevalence of database breaches spurs more interests towards building secure databases in both academia and industry. There have been a set of proposed works that can protect data using advanced encryption schemes or hide query access patterns, albeit at some performance cost. However, recent work has also shown that volume leakage is a significant vulnerability that can be exploited to reconstruct the entire database even when using state-of-the-art designs with strongest security guarantees.

In this work, we present new attacks for recovering the content of individual user queries, assuming no leakage from the system except the number of results. Unlike previous volume-based attacks that rely on assumptions either too stringent or unrealistic for many real-world systems, our attacks directly leverage real application semantics running on top of these database systems. The key insight is that, by exploiting the behavior of specific applications, one can immediately have an attack without making further assumptions like prior work does about the underlying system.




Download Full History