In this paper we proposed a data mining approach for detecting malicious transactions in a Database System. Our approach concentrates on mining data dependencies among data items in the database. A data dependency miner is designed for mining data correlations from the database log. The transactions not compliant to the data dependencies mined are identified as malicious transactions. The experiment illustrates that the proposed method works effectively for detecting malicious transactions provided certain data dependencies exist in the database.
This paper investigates the problem of knowledge acquisition by an unauthorized insider using dependencies between objects in relational databases. It defines various types of knowledge. In addition, it introduces the Neural Dependency and Inference Graph (NDIG), which shows dependencies among objects and the amount of knowledge that can be inferred about them using dependency relationships. Moreover, it introduces an algorithm to determine the knowledgebase of an insider and explains how insiders can broaden their knowledge about various relational database objects to which they lack appropriate access privileges. In addition, it demonstrates how NDIGs and knowledge graphs help in assessment of insider threats and what security officers can do to avoid such threats.
One of the difficulties in evaluating the trustworthiness of an object in a virtual organization is the lack of sufficient information to study how the object was formed and to what level its components should be trusted. If a subject could be provided with detailed information about the ingredients of a compound object, then the subject would be able to evaluate the trust level of that compound object with higher confidence. This paper introduces a scheme using labels associated with each object within the domain of a virtual organization to facilitate trust management. Each label supplies certain information regarding the originality of the associated object. Thus, partial trust (also called component trust) can be integrated to evaluate the composite trust of the compound object. Re-labeling enables object information update to accommodate the dynamic nature of a virtual organization. Indirect trust between two subjects can be calculated based on a trust network. Different subjects may view the same object with different trust values because they trust the components of the object to different degrees. This model uses recommendations supplied by other subjects to provide a dynamic and flexible way to adjust the trustworthiness of an object for a certain subject.
Abstract: In spite of all existing security mechanisms, it is quite difficult to protect databases from electronic attacks. This research provides techniques to make an assessment of the damaged data and then to recover the affected data to consistent states after an attack is detected. Damage assessment is done using data dependency approach in order to obtain precise information on the damaged part of the database. Two algorithms are presented in this paper. The first algorithm performs the damage assessment and recovery simultaneously, whereas the second algorithm separates these two processes for improved efficiency. Both algorithms allow blind-writes on data items allowing damaged items to be recovered automatically.
INTRODUCTION
With the increasing popularity of Internet, worldwide information sharing becomes a common practice. At the same time, this connectivity with the rest of the world opens channels for intruders to access and possibly damage sensitive information. Although there are several techniques available, as described in [1] and [4], to prevent unauthorized access to sensitive data, these preventive measures are not always successful. It seems extremely hard to build systems that share information over electronic networks and still remain invulnerable to attackers. Hackers are always in search of new ways to prevail over the system security. Password sniffing and session hijackings are among various other means of intruding into a system, and the system will not be able to detect an attacker from a legitimate user in these cases. Besides, there remains possibility of significant damage by insider-turn-foes.
S. Jajodia (ed.), Database Security XII