A Dynamic Approach to Detect Anomalous Queries on Relational Databases

Authors: Mohammad Saiful Islam, Mehmet Kuzu, Murat Kantarcioglu

DOI: 10.1145/2699026.2699120

Abstract: Protecting sensitive datasets from insider and outsider attacks has been a major concern over the years. Relational Database Management System (RDBMS) de facto standard to store, retrieve manage large efficiently in last few However, as surprising it seems, not lot of works can be found literature which protect databases anomalous accesses. In this paper, we present novel Intrusion Detection (IDS) for relational databases. Our primary objective is both threats by detecting access patterns using Hidden Markov Model (HMM). While most previous notable area focus on query syntax detect access, our approach takes into account amount information result contains potential intrusion. Finally, empirical evaluation publicly available TPC-H dataset shows that IDS with high degree accuracy.
