Brajendra Panda scite author profile

In this paper we proposed a data mining approach for detecting malicious transactions in a Database System. Our approach concentrates on mining data dependencies among data items in the database. A data dependency miner is designed for mining data correlations from the database log. The transactions not compliant to the data dependencies mined are identified as malicious transactions. The experiment illustrates that the proposed method works effectively for detecting malicious transactions provided certain data dependencies exist in the database.

show abstract

A Knowledge-Base Model for Insider Threat Prediction

Althebyan

Panda

2007

View full text Add to dashboard Cite

Insider Threat in Database Systems: Preventing Malicious Users' Activities in Databases

Chagarlamudi

Panda

2009

View full text Add to dashboard Cite

Knowledge Acquisition and Insider Threat Prediction in Relational Database Systems

Yaseen

Panda

2009

View full text Add to dashboard Cite

This paper investigates the problem of knowledge acquisition by an unauthorized insider using dependencies between objects in relational databases. It defines various types of knowledge. In addition, it introduces the Neural Dependency and Inference Graph (NDIG), which shows dependencies among objects and the amount of knowledge that can be inferred about them using dependency relationships. Moreover, it introduces an algorithm to determine the knowledgebase of an insider and explains how insiders can broaden their knowledge about various relational database objects to which they lack appropriate access privileges. In addition, it demonstrates how NDIGs and knowledge graphs help in assessment of insider threats and what security officers can do to avoid such threats.

show abstract

Component based trust management in the context of a virtual organization

Zuo

Panda

2005

View full text Add to dashboard Cite

One of the difficulties in evaluating the trustworthiness of an object in a virtual organization is the lack of sufficient information to study how the object was formed and to what level its components should be trusted. If a subject could be provided with detailed information about the ingredients of a compound object, then the subject would be able to evaluate the trust level of that compound object with higher confidence. This paper introduces a scheme using labels associated with each object within the domain of a virtual organization to facilitate trust management. Each label supplies certain information regarding the originality of the associated object. Thus, partial trust (also called component trust) can be integrated to evaluate the composite trust of the compound object. Re-labeling enables object information update to accommodate the dynamic nature of a virtual organization. Indirect trust between two subjects can be calculated based on a trust network. Different subjects may view the same object with different trust values because they trust the components of the object to different degrees. This model uses recommendations supplied by other subjects to provide a dynamic and flexible way to adjust the trustworthiness of an object for a certain subject.

show abstract

Database damage assessment using a matrix based approach: an intrusion response system

Panda

Zhou

View full text Add to dashboard Cite

Reconstructing the Database After Electronic Attacks

Panda¹,

Giordano²

1999

View full text Add to dashboard Cite

Abstract:In spite of ali existing security mechanisms, it is quite difficult to protect databases from electronic attacks. This research provides techniques to make an assessment of the damaged data and then to recover the affected data to consistent states after an attack is detected. Damage assessment is done using data dependency approach in order to obtain precise information on the damaged part of the database. Two algorithms are presented in this paper. The first algorithm performs the damage assessment and recovery simultaneouslYj whereas the second algorithm separates these two processes for improved efficiency. Both algorithms allow blind-writes on data items allowing damaged items to be recovered automatically. INTRODUCTIONWith the increasing popularity of Internet, worldwide information sharing becomes a common practice. At the same time, this connectivity with the rest of the world opens channels for intruders to access and possibly damage sensitive information. Although there are severa! techniques available, as described in [1] and [4], to prevent unauthorized access to sensitive data, these preventive measures are not always successful. It seems extremely hard to build systems that share information over electronic networks and still remain invulnerable to attackers. Hackers are always in search of new ways to prevail over the system security. Password sniffing and session hijackings are among various other means of intruding into a system, and the system will not be able to detect an attacker from a legitimate user in these cases. Besides, there remains possibility of significant damage by insider-turn-foes.S. Jajodia (ed.), Database Security XII

show abstract

Evaluating damage from cyber attacks: a model and analysis

Lala¹,

Panda

2001

IEEE Trans. Syst., Man, Cybern. A

View full text Add to dashboard Cite

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

334 Leonard St

Brooklyn, NY 11211

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Brajendra Panda

A data mining approach for database intrusion detection

A Knowledge-Base Model for Insider Threat Prediction

Insider Threat in Database Systems: Preventing Malicious Users' Activities in Databases

Knowledge Acquisition and Insider Threat Prediction in Relational Database Systems

Component based trust management in the context of a virtual organization

Database damage assessment using a matrix based approach: an intrusion response system

Reconstructing the Database After Electronic Attacks

Evaluating damage from cyber attacks: a model and analysis

Contact Info

Product

Resources

About