An effective log mining approach for database intrusion detection

Author

Yi Hu ; Campan, Alina ; Walden, James ; Vorobyeva, Irina ; Shelton, Justin

Author_Institution

Comput. Sci. Dept., Northern Kentucky Univ., Highland Heights, KY, USA

fYear

2010

fDate

10-13 Oct. 2010

Firstpage

2299

Lastpage

2306

Abstract

Organizations spend a significant amount of resources securing their servers and network perimeters. However, these mechanisms are not sufficient for protecting databases. In this paper, we present a new technique for identifying malicious database transactions. Compared to many existing approaches which profile SQL query structures and database user activities to detect intrusions, the novelty of this approach is the automatic discovery and use of essential data dependencies, namely, multi-dimensional and multi-level data dependencies, for identifying anomalous database transactions. Since essential data dependencies reflect semantic relationships among data items and are less likely to change than SQL query structures or database user behaviors, they are ideal for profiling data correlations for identifying malicious database activities.

Keywords

SQL; data mining; relational databases; security of data; database intrusion detection; database user activities; log mining approach; malicious database transactions; multidimensional data dependency; multilevel data dependency; profile SQL query structures; Databases; Data Mining; Database Security; Intrusion Detection;

fLanguage

English

Publisher

ieee

Conference_Titel

Systems Man and Cybernetics (SMC), 2010 IEEE International Conference on

Conference_Location

Istanbul

ISSN

1062-922X

Print_ISBN

978-1-4244-6586-6

Type

conf

DOI

10.1109/ICSMC.2010.5641988

Filename

5641988