Intelligent Multi-agent Based Database Hybrid Intrusion Prevention System

This paper describes a framework for a highly distributed, real-time monitoring approach to database security using Intelligent Multi-Agents. The intrusion prevention system described in this paper combines statistical anomaly prevention with rule-based misuse prevention in order to detect a misuser. The statistical anomaly prediction system employs an ensemble Quickprop neural network forecasting model, which predicts a user's unauthorized invasions based on previous observations and takes further action before the intrusion occurs. The experimental study is performed using real data provided by a major corporate bank. A comparative evaluation of the two ensemble networks against the individual networks was carried out using mean absolute percentage error on a prediction data set, and better prediction accuracy was observed. The misuse prevention system uses a set of rules that define typical illegal user behavior. A separate rule subsystem, known as Temporal Authorization Rule Markup Language (TARML), is designed for this misuse detection system. To reduce single points of failure in a centralized security system, a dynamic distributed system has been designed in which the security management task is distributed across the network using Intelligent Multi-Agents.
