Mining Inter-transaction Data Dependencies for Database Intrusion Detection

Existing database security mechanisms are not sufficient for detecting malicious activities targeted at corrupting data. With the increase of attacks toward database-centered applications, an effective intrusion detection system is essential for application security. Although someresearches havebeen done on the database intrusion detection, methods for detecting anomalous activitiesin databases haveonly recently been explored in detail. In this paper, we present an approach employing inter-transaction data dependency mining fordetecting well-crafted attacks thatconsists a group of seemingly harmless database transactions. Our experiments illustrated the advantage of this new approach and validated the effectiveness of the model proposed.

[1]  Elisa Bertino,et al.  Intrusion detection in RBAC-administered databases , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[2]  Marco Vieira,et al.  Monitoring Database Application Behavior for Intrusion Detection , 2006, 2006 12th Pacific Rim International Symposium on Dependable Computing (PRDC'06).

[3]  Victor C. S. Lee,et al.  Intrusion detection in real-time database systems via time signatures , 2000, Proceedings Sixth IEEE Real-Time Technology and Applications Symposium. RTAS 2000.

[4]  Giovanni Vigna,et al.  A Learning-Based Approach to the Detection of SQL Attacks , 2005, DIMVA.

[5]  Abhinav Srivastava,et al.  Weighted Intra-transactional Rule Mining for Database Intrusion Detection , 2006, PAKDD.

[6]  Yi Hu,et al.  Design and Analysis of Techniques for Detection of Malicious Activities in Database Systems , 2005, Journal of Network and Systems Management.

[7]  Michael Gertz,et al.  DEMIDS: A Misuse Detection System for Database Systems , 2000, IICIS.

[8]  Yi Hu,et al.  A data mining approach for database intrusion detection , 2004, SAC '04.

[9]  Ramakrishnan Srikant,et al.  Mining sequential patterns , 1995, Proceedings of the Eleventh International Conference on Data Engineering.

[10]  Arputharaj Kannan,et al.  Intelligent Multi-agent Based Database Hybrid Intrusion Prevention System , 2004, ADBIS.

[11]  Frank S. Rietta Application layer intrusion detection for SQL injection , 2006, ACM-SE 44.