Title :
An Approach for Database Intrusion Detection Based on the Event Sequence Clustering
Author :
Li, Yinzhao ; Yang, Dongxu ; Ren, Jiadong ; Hu, Changzhen
Author_Institution :
Lab. of Comput. Network, Defense Technol. Beijing Inst. of Technol., Beijing, China
Abstract :
Database intrusion detection technology is an important part of the database security. The paper presents a new database intrusion detection method based on the event sequence clustering. Firstly, aiming at computing the similarity of two SQL statement sequences, an improved edit distance function is defined. The corresponding clustering results are obtained by the computed similarity. Secondly, the attack sequences are detected by calculating the similarity between user´s operation sequences and cluster center. The association between two operation sequences is analyzed. At last, the experimental results show that our approach has lower false alarm rate and higher accuracy rate.
Keywords :
SQL; pattern clustering; security of data; SQL statement sequences; attack sequences; database intrusion detection; database security; edit distance function; event sequence clustering; false alarm rate; Clustering algorithms; Clustering methods; Computer networks; Costs; Data engineering; Educational institutions; Information science; Intrusion detection; Probability; Relational databases; clustering; database intrusion detection; event sequence;
Conference_Titel :
INC, IMS and IDC, 2009. NCM '09. Fifth International Joint Conference on
Conference_Location :
Seoul
Print_ISBN :
978-1-4244-5209-5
Electronic_ISBN :
978-0-7695-3769-6
DOI :
10.1109/NCM.2009.30
