Title :
Mining data relationships for database damage assessment in a post information warfare scenario
Author :
Hu, Yi ; Panda, Brajendra
Author_Institution :
Arkansas Univ., Fayetteville, AR, USA
Abstract :
After the detection of a cyber attack on a database system, the intrusion response team of any organization needs to know the damage profile immediately in order to design an appropriate response strategy. Unfortunately, obtaining the precise damage status can take hours or even days. This is because existing approaches to database damage assessment involve a significant amount of work, including scanning the log file or other auxiliary data structures. Our approach concentrates on making an estimated damage profile as soon as possible. This model is based exclusively on a priori knowledge of data relationships mined during the normal database operation phase. This knowledge can be used during the damage assessment phase for faster damage assessment.
Keywords :
data mining; data structures; database management systems; security of data; cyber attack detection; data mining; data structure; database damage assessment; database operation phase; intrusion response team; post information warfare scenario; Data mining; Data structures; Database systems; Intrusion detection; Operating systems; Transaction databases; USA Councils;
Conference_Title :
Information Assurance Workshop, 2004. Proceedings from the Fifth Annual IEEE SMC
Print_ISBN :
0-7803-8572-1
DOI :
10.1109/IAW.2004.1437845