A novel intrusion detection system model for securing web-based database systems

Author

Wenhui, Shu ; Tan, T.D.H.

Author_Institution

Inf. Syst. Res. Lab, NTU, Singapore, Singapore

fYear

2001

fDate

6/23/1905 12:00:00 AM

Firstpage

249

Lastpage

254

Abstract

Intrusion detection (ID) has become an important technology for protecting information resources and databases from malicious attacks and information leakage. This paper proposes a novel two-layer mechanism to detect intrusions against a web-based database service. Layer one builds historical profiles based on audit trails and other log data provided by the web server and database server. Pre-alarms will be triggered if anomalies occurred. Layer two makes further analysis on the pre-alarms generated from Layer one. Such methods integrates the alarm context with the alarms themselves rather than a simple "analysis in isolation". This can reduce the error rates, especially false positives and greatly improve the accuracy of intrusion detection, alarm notification and hence more effective incident handling

Keywords

Internet; database management systems; information resources; safety systems; security of data; alarm; database protection; information resources; intrusion detection system; web server; web-based database systems; Data analysis; Data security; Database systems; Error analysis; Information security; Information systems; Intrusion detection; Logic; Protection; Web server;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Software and Applications Conference, 2001. COMPSAC 2001. 25th Annual International

Conference_Location

Chicago, IL

ISSN

0730-3157

Print_ISBN

0-7695-1372-7

Type

conf

DOI

10.1109/CMPSAC.2001.960624

Filename

960624