Hybrid Approach for Database Intrusion Detection with Reactive Policies

Database systems are the important assets of the information system infrastructure in most organizations. The databases may contain invaluable sensitive information and unauthorized transaction could cause a lot of harm. In this paper, we proposed a Hybrid Reactive Database Intrusion Detection System that detects known as well as new database intrusions. We used an improved Apriori algorithm for mining association rules from the user behaviour. It analyses the associations between various parameters of the user activities. This improved Apriori algorithm is considered to make the data mining process faster. Reactive policies are adopted for the detected intrusions. These policies are created based on the severity of an intrusion and an appropriate response is generated for the users who performed intrusive activity. This approach enhances the database security by generating more selective and more sensitive rules, and by providing faster decision, faster performance.