• DocumentCode
    2153842
  • Title

    Intrusion detection in real-time database systems via time signatures

  • Author

    Lee, Victor C S ; Stankovic, John A. ; Son, Sang H.

  • Author_Institution
    Dept. of Comput. Sci., City Univ. of Hong Kong, Hong Kong
  • fYear
    2000
  • fDate
    2000
  • Firstpage
    124
  • Lastpage
    133
  • Abstract
    The authors describe a method for intrusion detection applied to real time database systems. The novel idea pursued in this study is to exploit the real time properties of data in intrusion detection. Data objects will be tagged with “time semantics” that capture expectations about update rates that are unknown to the intruders. This is not simply timestamping data. Our notion of time signatures can be used to detect violations of the security policy. For testing purposes, we use intruders that disguise themselves as “normal” transactions, and compare the ability of different numerically quantifiable measures to capture the behavior of the expected update and to recognize intrusions. For instance, by using a hidden periodic update rate, the system can detect unauthorized update requests, as they will likely not occur at the right time, thereby triggering an alarm to the system. The experimental results show that this technique could be a powerful discriminating measure to identify intruders with a low false alarm rate. While the results are presented for real time databases, the idea is also applicable to traditional systems
  • Keywords
    authorisation; database management systems; real-time systems; safety systems; temporal logic; timing; transaction processing; data objects; discriminating measure; false alarm rate; hidden periodic update rate; intrusion detection; numerically quantifiable measures; real time database systems; real time databases; real time properties; security policy; time semantics; time signatures; traditional systems; unauthorized update requests; update rates; Data security; Database systems; Electrical capacitance tomography; Identity-based encryption; Information security; Intrusion detection; Real time systems; Stock markets; Testing; Timing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Real-Time Technology and Applications Symposium, 2000. RTAS 2000. Proceedings. Sixth IEEE
  • Conference_Location
    Washington, DC
  • ISSN
    1080-1812
  • Print_ISBN
    0-7695-0713-1
  • Type

    conf

  • DOI
    10.1109/RTTAS.2000.852457
  • Filename
    852457