A convolutional neural-based learning classifier system for detecting database intrusion via insider attack

Abstract Role-based access control (RBAC) in databases provides a valuable level of abstraction to promote security administration at the business enterprise level. With the capacity for adaptation and learning, machine learning algorithms are suitable for modeling normal data access patterns based on large amounts of data and presenting robust statistical models that are not sensitive to user changes. We propose a convolutional neural-based learning classifier system (CN-LCS) that models the role of queries by combining conventional learning classifier system (LCS) with convolutional neural network (CNN) for a database intrusion detection system based on the RBAC mechanism. The combination of modified Pittsburgh-style LCSs for the optimization of feature selection rules and one-dimensional CNNs for modeling and classification in place of traditional rule generation outperforms other machine learning classifiers on a synthetic query dataset. In order to quantitatively compare the inclusion of rule generation and modeling processes in the CN-LCS, we have conducted 10-fold cross-validation tests and analysis through a paired sampled t-test.

[1]  Xin Jin,et al.  Architecture for Data Collection in Database Intrusion Detection Systems , 2007, Secure Data Management.

[2]  Javier Bajo,et al.  A Distributed Hierarchical Multi-agent Architecture for Detecting Injections in SQL Queries , 2010, CISIS.

[3]  Jian Sun,et al.  Deep Residual Learning for Image Recognition , 2015, 2016 IEEE Conference on Computer Vision and Pattern Recognition (CVPR).

[4]  Kalyanmoy Deb,et al.  A fast and elitist multiobjective genetic algorithm: NSGA-II , 2002, IEEE Trans. Evol. Comput..

[5]  Adam Lipowski,et al.  Roulette-wheel selection via stochastic acceptance , 2011, ArXiv.

[6]  Sung-Bae Cho,et al.  Fusion of neural networks with fuzzy logic and genetic algorithm , 2002, Integr. Comput. Aided Eng..

[7]  Sin Yeung Lee,et al.  Learning Fingerprints for a Database Intrusion Detection System , 2002, ESORICS.

[8]  Jihoon Yang,et al.  Feature Subset Selection Using a Genetic Algorithm , 1998, IEEE Intell. Syst..

[9]  Xin Yao,et al.  Neural-Based Learning Classifier Systems , 2008, IEEE Transactions on Knowledge and Data Engineering.

[10]  P. Lanzi Extending the representation of classifier conditions part I: from binary to messy coding , 1999 .

[11]  Ashish Kamra,et al.  Survey of Machine Learning Methods for Database Security , 2009 .

[12]  Sung-Bae Cho,et al.  Evolutionary Learning of Modular Neural Networks with Genetic Programming , 1998, Applied Intelligence.

[13]  Stjepan Oreski,et al.  Genetic algorithm-based heuristic for feature selection in credit risk assessment , 2014, Expert Syst. Appl..

[14]  Xin Yao,et al.  A Survey on Evolutionary Computation Approaches to Feature Selection , 2016, IEEE Transactions on Evolutionary Computation.

[15]  Geoffrey E. Hinton,et al.  Deep Learning , 2015, Nature.

[16]  Yi Hu,et al.  A data mining approach for database intrusion detection , 2004, SAC '04.

[17]  Sung-Bae Cho,et al.  Anomalous query access detection in RBAC-administered databases with random forest and PCA , 2016, Inf. Sci..

[18]  Rushi Longadge,et al.  Class Imbalance Problem in Data Mining Review , 2013, ArXiv.

[19]  Hung Q. Ngo,et al.  A Data-Centric Approach to Insider Attack Detection in Database Systems , 2010, RAID.

[20]  Sushil Jajodia,et al.  Mining Malicious Corruption of Data with Hidden Markov Models , 2002, DBSec.

[21]  Elisa Bertino,et al.  Intrusion detection in RBAC-administered databases , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[22]  Cheng-Lung Huang,et al.  A GA-based feature selection and parameters optimizationfor support vector machines , 2006, Expert Syst. Appl..

[23]  Arputharaj Kannan,et al.  A genetic-algorithm based neural network short-term forecasting framework for database intrusion prediction system , 2006, Soft Comput..

[24]  Erik D. Goodman,et al.  Genetic Algorithms for Classification and Feature Extraction , 2016 .

[25]  Javier Bajo,et al.  idMAS-SQL: Intrusion Detection Based on MAS to Detect and Block SQL injection through data mining , 2013, Inf. Sci..

[26]  Stewart W. Wilson,et al.  Learning classifier systems: New models, successful applications , 2002, Inf. Process. Lett..

[27]  Deshdeepak Shrivastava,et al.  Data Mining Based Database Intrusion Detection System : A Survey * , 2012 .

[28]  Jasper Snoek,et al.  Spectral Representations for Convolutional Neural Networks , 2015, NIPS.

[29]  Stewart W. Wilson,et al.  Noname manuscript No. (will be inserted by the editor) Learning Classifier Systems: A Survey , 2022 .

[30]  Elisa Bertino,et al.  Detecting anomalous access patterns in relational databases , 2008, The VLDB Journal.

[31]  Elisa Bertino,et al.  Database security - concepts, approaches, and challenges , 2005, IEEE Transactions on Dependable and Secure Computing.

[32]  Stewart W. Wilson Mining Oblique Data with XCS , 2000, IWLCS.

[33]  Tara N. Sainath,et al.  Convolutional neural networks for small-footprint keyword spotting , 2015, INTERSPEECH.

[34]  Geoffrey E. Hinton,et al.  Visualizing Data using t-SNE , 2008 .

[35]  Sung-Bae Cho,et al.  A Hybrid System of Deep Learning and Learning Classifier System for Database Intrusion Detection , 2017, HAIS.

[36]  Ramaswamy Chandramouli,et al.  The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[37]  Martin V. Butz Kernel-based, ellipsoidal conditions in the real-valued XCS classifier system , 2005, GECCO '05.

[38]  Giovanni Vigna,et al.  A Learning-Based Approach to the Detection of SQL Attacks , 2005, DIMVA.

[39]  Yoshua Bengio,et al.  Random Search for Hyper-Parameter Optimization , 2012, J. Mach. Learn. Res..

[40]  Meg Murray,et al.  Database Security: What Students Need to Know , 2010, J. Inf. Technol. Educ. Innov. Pract..

[41]  Jason H. Moore,et al.  Learning classifier systems: a complete introduction, review, and roadmap , 2009 .

[42]  Sung-Bae Cho,et al.  Mining SQL Queries to Detect Anomalous Database Access using Random Forest and PCA , 2015, IEA/AIE.

[43]  Marco Colombetti,et al.  What Is a Learning Classifier System? , 1999, Learning Classifier Systems.

[44]  Guigang Zhang,et al.  Deep Learning , 2016, Int. J. Semantic Comput..

[45]  Ester Bernadó-Mansilla,et al.  Accuracy-Based Learning Classifier Systems: Models, Analysis and Applications to Classification Tasks , 2003, Evolutionary Computation.

[46]  L. Darrell Whitley,et al.  An Executable Model of a Simple Genetic Algorithm , 1992, FOGA.