Title :
A clustering method based on data queries and its application in database intrusion detection
Author :
Zhong, Yong ; Zhu, Zhen ; Qin, Xiao-Lin
Author_Institution :
Inf. & Educ. Technol. Center, Foshan Univ., China
Abstract :
Most of clustering methods assume that an attribute value of an object has a single value. However, in many fields, an attribute value for an object may be a set or a bag of values, such as the result set of a database query, which can be looked on as a set of attributes, whose values also can be a set or a bag of data. So the clustering problems of queries can be expressed as intersection problems of sets whose element also can be a set or a bag. The paper gives a method to compute similarity among queries and presents a cluster method based on it. The algorithm reads each query q in sequence, either assigning q to an existing cluster or creating q as a new cluster. At last, the application of the algorithm in database intrusion detection is shown and experiment results on synthetic and real data set are reported.
Keywords :
data mining; database management systems; pattern clustering; query processing; security of data; clustering method; data query; database security; intrusion detection; query similarity; Clustering algorithms; Clustering methods; Data analysis; Data security; Databases; Educational technology; Information science; Intrusion detection; Space technology; Statistics; Clustering algorithm; database security; intrusion detection; query similarity;
Conference_Titel :
Machine Learning and Cybernetics, 2005. Proceedings of 2005 International Conference on
Conference_Location :
Guangzhou, China
Print_ISBN :
0-7803-9091-1
DOI :
10.1109/ICMLC.2005.1527291
