Title :
An effective log mining approach for database intrusion detection
Author :
Yi Hu ; Campan, Alina ; Walden, James ; Vorobyeva, Irina ; Shelton, Justin
Author_Institution :
Comput. Sci. Dept., Northern Kentucky Univ., Highland Heights, KY, USA
Abstract :
Organizations spend a significant amount of resources securing their servers and network perimeters. However, these mechanisms are not sufficient for protecting databases. In this paper, we present a new technique for identifying malicious database transactions. Compared to many existing approaches which profile SQL query structures and database user activities to detect intrusions, the novelty of this approach is the automatic discovery and use of essential data dependencies, namely, multi-dimensional and multi-level data dependencies, for identifying anomalous database transactions. Since essential data dependencies reflect semantic relationships among data items and are less likely to change than SQL query structures or database user behaviors, they are ideal for profiling data correlations for identifying malicious database activities.
Keywords :
SQL; data mining; relational databases; security of data; database intrusion detection; database user activities; log mining approach; malicious database transactions; multidimensional data dependency; multilevel data dependency; profile SQL query structures; Databases; Data Mining; Database Security; Intrusion Detection;
Conference_Titel :
Systems Man and Cybernetics (SMC), 2010 IEEE International Conference on
Conference_Location :
Istanbul
Print_ISBN :
978-1-4244-6586-6
DOI :
10.1109/ICSMC.2010.5641988
