Detecting intrusion transactions in databases using data item dependencies and anomaly analysis

Hashemi, Sattar; Yang, Ying; Zabihzadeh, Davoud; Kangavari, Mohammad Reza

doi:10.1111/j.1468-0394.2008.00467.x

Cited by 25 publications

(29 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Sensitivity of an attribute signifies how important the attribute is, for tracking against malicious modifications. Researches in [17] also modify the work in [15] by extending the concept of malicious transactions from those that corrupt data to those that either read data or write data or do both without permission. The data-dependency models in [15,16,17] find the association rules between the data items without consideration to who accesses this data.…”

Section: Related Workmentioning

confidence: 99%

“…Researches in [17] also modify the work in [15] by extending the concept of malicious transactions from those that corrupt data to those that either read data or write data or do both without permission. The data-dependency models in [15,16,17] find the association rules between the data items without consideration to who accesses this data. This may generate a rule that conflicts with access control mechanism for some users, and this will cause false positives and violate the availability of the database for these users.…”

Section: Related Workmentioning

confidence: 99%

“…Data-dependency: This approach mines dependencies among attributes in a database. The transactions that do not follow these dependencies are marked as malicious transactions [15,16,17]. In [15], researchers pay attention to the sequences that include write operation and delete the sequences that contain read only operations because a write operation is more critical for the database.…”

Section: Related Workmentioning

confidence: 99%

“…Transactions that are not compliant to the data dependencies generated are flagged as anomalous transactions. This component of our approach follows the main concept of the data dependencies in [15,17] with minor modification. For more details and illustrated example review our models details in [19,20] …”

Section: Integrating Data Dependency Model With Access Controlmentioning

confidence: 99%

“…Overall, the powerful of the proposed DBIDS can be specified in two points; modifying the data dependency model for generating an accurate and efficient profile, and integrating the DBIDS with access control for minimizing the false rate and strengthening the database security. In order to clarify the benefit of each point separately, the data dependency model as discussed in [15,17] will be integrated with access control to prove that the integration can refine the performance. Then the modification of the data dependency model will be proposed.…”

Section: Proposed Modelmentioning

confidence: 99%

See 4 more Smart Citations

Database Security Protection based on a New Mechanism

Rezk¹,

Ali²,

Barakat³

2012

IJCA

View full text Add to dashboard Cite

The database security is one of the important issues that should take a complete attention from researchers. Although applying the traditional security mechanisms, the database still violate from both of external and internal users. So, the researchers develop a Database Intrusion Detection System (DBIDS) to detect intrusion as soon as it occurs and override its malicious affects. The previous work developed a DBIDS as a third party product which is isolated from the DBMS security functions especially access controls. The lack of coordination and inter-operation between these two components prevent detecting and responding to ongoing attacks in real time, and, it causes high false alarm rate. On the other hand, one of the directions that are followed to build a profile is the data dependency model. Although this model is sufficient and related to the natural of database, it suffers from high false alarm rate. This means that it needs an enhancement to get its benefits and eliminate its drawbacks. This Paper aims to strengthen the database security via applying a DBID. To achieve this goal it develops an efficient IDS for DB and integrates it with DBMS for cooperation and completeness between the different parts in the security system. The experiments declare that the proposed model is an efficient DBIDS with a minimum false positive rate (nearly zero %) and maximum true positive rate (nearly 100%). Moreover, it is based on a novel method to build an accurate normal user profile and integrate it with access control. General TermsDatabase, Security.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Integrating Data Dependency Model With Access Controlmentioning

confidence: 99%

Section: Proposed Modelmentioning

confidence: 99%

See 3 more Smart Citations

Database Security Protection based on a New Mechanism

Rezk¹,

Ali²,

Barakat³

2012

IJCA

View full text Add to dashboard Cite

show abstract

Database Intrusion Detection Systems (DIDs): Insider Threat Detection via Behaviour-Based Anomaly Detection Systems - A Brief Survey of Concepts and Approaches

Khan

Foley

O’Sullivan

2022

Communications in Computer and Information Science

View full text Add to dashboard Cite

One of the data security and privacy concerns is of insider threats, where legitimate users of the system abuse the access privileges they hold. The insider threat to data security means that an insider steals or leaks sensitive personal information.Database Intrusion detection systems, specifically behavioural-based database intrusion detection systems, have been shown effective in detecting insider attacks.This paper presents background concepts on database intrusion detection systems in the context of detecting insider threats and examines existing approaches in the literature on detecting malicious accesses by an insider to Database Management Systems (DBMS).

show abstract

A Study on Database Intrusion Detection Based on Query Execution Plans

Morzy,

Zakrzewicz

2024

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Detecting intrusion transactions in databases using data item dependencies and anomaly analysis

Cited by 25 publications

References 21 publications

Database Security Protection based on a New Mechanism

Database Security Protection based on a New Mechanism

Database Intrusion Detection Systems (DIDs): Insider Threat Detection via Behaviour-Based Anomaly Detection Systems - A Brief Survey of Concepts and Approaches

A Study on Database Intrusion Detection Based on Query Execution Plans

Contact Info

Product

Resources

About