
An overview of Anomaly Based Database Intrusion Detection Systems


Affiliations
1 Department of Computer Science, Shahid Bahonar University of Kerman, Kerman, Iran, Islamic Republic of
2 School of Electrical Engineering and Computer Sciences, Shiraz University, Shiraz, Iran, Islamic Republic of
3 Young Researchers Society, Shahid Bahonar University of Kerman, Kerman, Iran, Islamic Republic of
 

Database security is a crucial concern today. One mechanism for safeguarding information stored in database systems is to use an Intrusion Detection System (IDS). Recently, researchers have been working on using machine learning techniques, such as mining data dependencies among data items, access patterns of users and learning SQL commands, to increase the accuracy of detecting malicious attacks on database systems. In this paper, we survey some intrusion detection approaches that use these techniques. We also discuss the advantages and disadvantages of the approaches and compare them by considering their different features.

Keywords

Security, Database Systems, Intrusion Detection, Machine Learning, Data Dependency

Authors

Mohammed Masoud Javidi
Department of Computer Science, Shahid Bahonar University of Kerman, Kerman, Iran, Islamic Republic of
Marjan Kuchaki Rafsanjani
Department of Computer Science, Shahid Bahonar University of Kerman, Kerman, Iran, Islamic Republic of
Sattar Hashemi
School of Electrical Engineering and Computer Sciences, Shiraz University, Shiraz, Iran, Islamic Republic of
Mina Sohrabi
Young Researchers Society, Shahid Bahonar University of Kerman, Kerman, Iran, Islamic Republic of


DOI: https://doi.org/10.17485/ijst%2F2012%2Fv5i10%2F30934