A Data-Centric Approach to Insider Attack Detection in Database Systems

Mathew, Sunu; Petropoulos, Michalis; Ngo, Hung Q.; Upadhyaya, Shambhu

doi:10.1007/978-3-642-15512-3_20

Cited by 119 publications

(83 citation statements)

References 33 publications

(40 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Among the most relevant works, Kamra et al [29] and Mathew et al [30] focus on the analysis of anomalous commands executed on databases. In particular, they proposed a syntax analysis system to detect anomalous queries; the former analyzed the submitted SQL queries, while the latter focused on data retrieved from queries.…”

Section: Informationmentioning

confidence: 99%

Insider Threats in Emerging Mobility-as-a-Service Scenarios

Callegati¹,

Giallorenzo

Melis³

et al. 2017

Proceedings of the 50th Hawaii International Conference on System Sciences (2017)

View full text Add to dashboard Cite

Abstract-Mobility as a Service (MaaS) applies the everything-asa-service paradigm of Cloud Computing to transportation: a MaaS provider offers to its users the dynamic composition of solutions of different travel agencies into a single, consistent interface.Traditionally, transits and data on mobility belong to a scattered plethora of operators. Thus, we argue that the economic model of MaaS is that of federations of providers, each trading its resources to coordinate multi-modal solutions for mobility. Such flexibility comes with many security and privacy concerns, of which insider threat is one of the most prominent. In this paper, we follow a tiered structure -from individual operators to markets of federated MaaS providers -to classify the potential threats of each tier and propose the appropriate countermeasures, in an effort to mitigate the problems.

show abstract

Section: Informationmentioning

confidence: 99%

Insider Threats in Emerging Mobility-as-a-Service Scenarios

Callegati¹,

Giallorenzo

Melis³

et al. 2017

Proceedings of the 50th Hawaii International Conference on System Sciences (2017)

View full text Add to dashboard Cite

show abstract

“…Mathew et al [15] proposed a methodology to address the problem of threats by an insider by presenting a feature extraction method to model users' access patterns. This paper emphasizes users' access patterns by profiling the data points that users' access.…”

Section: "A Data-centric Approach To Insider Attack Detection In Datamentioning

confidence: 99%

A Survey on the Detection of SQL Injection Attacks and Their Countermeasures

2015

J Inf Process Syst

View full text Add to dashboard Cite

The Structured Query Language (SQL) Injection continues to be one of greatest security risks in the world according to the Open Web Application Security Project's (OWASP) [1] Top 10 Security vulnerabilities 2013. The ease of exploitability and severe impact puts this attack at the top. As the countermeasures become more sophisticated, SOL Injection Attacks also continue to evolve, thus thwarting the attempt to eliminate this attack completely. The vulnerable data is a source of worry for government and financial institutions. In this paper, a detailed survey of different types of SQL Injection and proposed methods and theories are presented, along with various tools and their efficiency in intercepting and preventing SQL attacks.

show abstract

“…Semantic-based: interested with what the user is trying to access -the result of the query itself -rather than how he expresses it. [14] Introduces a data centric approach in which a user profile is built on what he accesses (i.e. the semantic of the query).…”

Section: Related Workmentioning

confidence: 99%

Database Security Protection based on a New Mechanism

Rezk¹,

Ali²,

Barakat³

2012

IJCA

View full text Add to dashboard Cite

The database security is one of the important issues that should take a complete attention from researchers. Although applying the traditional security mechanisms, the database still violate from both of external and internal users. So, the researchers develop a Database Intrusion Detection System (DBIDS) to detect intrusion as soon as it occurs and override its malicious affects. The previous work developed a DBIDS as a third party product which is isolated from the DBMS security functions especially access controls. The lack of coordination and inter-operation between these two components prevent detecting and responding to ongoing attacks in real time, and, it causes high false alarm rate. On the other hand, one of the directions that are followed to build a profile is the data dependency model. Although this model is sufficient and related to the natural of database, it suffers from high false alarm rate. This means that it needs an enhancement to get its benefits and eliminate its drawbacks. This Paper aims to strengthen the database security via applying a DBID. To achieve this goal it develops an efficient IDS for DB and integrates it with DBMS for cooperation and completeness between the different parts in the security system. The experiments declare that the proposed model is an efficient DBIDS with a minimum false positive rate (nearly zero %) and maximum true positive rate (nearly 100%). Moreover, it is based on a novel method to build an accurate normal user profile and integrate it with access control. General TermsDatabase, Security.

show abstract

A Data-Centric Approach to Insider Attack Detection in Database Systems

Cited by 119 publications

References 33 publications

Insider Threats in Emerging Mobility-as-a-Service Scenarios

Insider Threats in Emerging Mobility-as-a-Service Scenarios

A Survey on the Detection of SQL Injection Attacks and Their Countermeasures

Database Security Protection based on a New Mechanism

Contact Info

Product

Resources

About