Monitoring Database Application Behavior for Intrusion Detection

Author

Fonseca, José ; Vieira, Marco ; Madeira, Henrique

Author_Institution

CISUC, Polithecnic Inst. of Guarda

fYear

2006

fDate

Dec. 2006

Firstpage

383

Lastpage

386

Abstract

Database management systems (DBMS) represent the ultimate layer in preventing malicious data access or corruption and implement several security mechanisms to protect data. However these mechanisms cannot always stop malicious users from accessing data by exploiting system vulnerabilities. The aim of this paper is to propose an intrusion detection mechanism for DBMS to fill this gap. Our approach consists of a comprehensive representation of user database utilization profiles to perform concurrent intrusion detection. Prior to the detection it is necessary to define and learn these utilization profiles. Profiles are defined using a three level abstraction and learned directly from monitoring the database utilization in real conditions. The proposed mechanism is generic and can be easily implemented in commercial and open-source DBMS

Keywords

database management systems; public domain software; security of data; data corruption; data protection; database application monitoring; database management systems; intrusion detection mechanism; malicious data access; open-source DBMS; user database utilization profiles; Computerized monitoring; Condition monitoring; Data security; Database systems; Intrusion detection; Open source software; Phase detection; Protection; Spatial databases; Transaction databases;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable Computing, 2006. PRDC '06. 12th Pacific Rim International Symposium on

Conference_Location

Riverside, CA

Print_ISBN

0-7695-2724-8

Type

conf

DOI

10.1109/PRDC.2006.46

Filename

4041930