Title :
A novel intrusion detection system model for securing web-based database systems
Author :
Wenhui, Shu ; Tan, T.D.H.
Author_Institution :
Inf. Syst. Res. Lab, NTU, Singapore, Singapore
fDate :
6/23/1905 12:00:00 AM
Abstract :
Intrusion detection (ID) has become an important technology for protecting information resources and databases from malicious attacks and information leakage. This paper proposes a novel two-layer mechanism to detect intrusions against a web-based database service. Layer one builds historical profiles based on audit trails and other log data provided by the web server and database server. Pre-alarms will be triggered if anomalies occurred. Layer two makes further analysis on the pre-alarms generated from Layer one. Such methods integrates the alarm context with the alarms themselves rather than a simple "analysis in isolation". This can reduce the error rates, especially false positives and greatly improve the accuracy of intrusion detection, alarm notification and hence more effective incident handling
Keywords :
Internet; database management systems; information resources; safety systems; security of data; alarm; database protection; information resources; intrusion detection system; web server; web-based database systems; Data analysis; Data security; Database systems; Error analysis; Information security; Information systems; Intrusion detection; Logic; Protection; Web server;
Conference_Titel :
Computer Software and Applications Conference, 2001. COMPSAC 2001. 25th Annual International
Conference_Location :
Chicago, IL
Print_ISBN :
0-7695-1372-7
DOI :
10.1109/CMPSAC.2001.960624
