• DocumentCode
    2367005
  • Title

    An Approach for Database Intrusion Detection Based on the Event Sequence Clustering

  • Author

    Li, Yinzhao ; Yang, Dongxu ; Ren, Jiadong ; Hu, Changzhen

  • Author_Institution
    Lab. of Comput. Network, Defense Technol. Beijing Inst. of Technol., Beijing, China
  • fYear
    2009
  • fDate
    25-27 Aug. 2009
  • Firstpage
    584
  • Lastpage
    588
  • Abstract
    Database intrusion detection technology is an important part of the database security. The paper presents a new database intrusion detection method based on the event sequence clustering. Firstly, aiming at computing the similarity of two SQL statement sequences, an improved edit distance function is defined. The corresponding clustering results are obtained by the computed similarity. Secondly, the attack sequences are detected by calculating the similarity between user´s operation sequences and cluster center. The association between two operation sequences is analyzed. At last, the experimental results show that our approach has lower false alarm rate and higher accuracy rate.
  • Keywords
    SQL; pattern clustering; security of data; SQL statement sequences; attack sequences; database intrusion detection; database security; edit distance function; event sequence clustering; false alarm rate; Clustering algorithms; Clustering methods; Computer networks; Costs; Data engineering; Educational institutions; Information science; Intrusion detection; Probability; Relational databases; clustering; database intrusion detection; event sequence;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    INC, IMS and IDC, 2009. NCM '09. Fifth International Joint Conference on
  • Conference_Location
    Seoul
  • Print_ISBN
    978-1-4244-5209-5
  • Electronic_ISBN
    978-0-7695-3769-6
  • Type

    conf

  • DOI
    10.1109/NCM.2009.30
  • Filename
    5331785
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2367005