Title :
Insider Threat in Database Systems: Preventing Malicious Users´ Activities in Databases
Author :
Chagarlamudi, Manideep ; Panda, Brajendra ; Hu, Yi
Author_Institution :
Comput. Sci. & Comput. Eng. Dept., Univ. of Arkansas, Fayetteville, AR
Abstract :
Existing database misuse detection systems are not well equipped to identify malicious activities carried out by legitimate users of the system. In this paper we present a model that can prevent malicious insider activities at the database application level. Our model is based on user tasks, each of which maps to several transactions. An implementation-oriented approach is described to validate these tasks as they are executed by authenticated users. Using simulation analysis we demonstrate the effectiveness of our method.
Keywords :
database management systems; security of data; authenticated users; database misuse detection systems; database systems; insider threat; malicious insider activities; malicious user activities; user tasks; Access control; Analytical models; Application software; Computational modeling; Computer science; Data engineering; Database systems; Graphical user interfaces; Information technology; Transaction databases;
Conference_Titel :
Information Technology: New Generations, 2009. ITNG '09. Sixth International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-4244-3770-2
Electronic_ISBN :
978-0-7695-3596-8
DOI :
10.1109/ITNG.2009.67
