Particle Swarm Optimization-Based CNN-LSTM Networks for Anomalous Query Access Control in RBAC-Administered Model

Because most organizations and companies depend on databases to process confidential information, database security has received considerable attention in recent years. Within database security, access control is the selective restriction of access to a system or its information to authorized users only. However, access control has difficulty preventing information leakage through structured query language (SQL) statements created by internal attackers. In this paper, we propose a hybrid anomalous query access control system that, under the assumption that the DBA has role-based access control (RBAC) in place, extracts features of access behavior by parsing the query log and detects database access anomalies in those features using a particle swarm optimization (PSO)-based CNN-LSTM network. The CNN layers extract the features important for role classification from the vectors of elements into which the SQL queries have been converted, and the LSTM model is suited to representing the sequential relationship of SQL query statements. PSO automatically finds the optimal CNN-LSTM hyperparameters for access control. Our CNN-LSTM method achieves nearly perfect access control performance for very similar roles that were previously difficult to classify, and it explains the important variables that influence role classification. Finally, the PSO-based CNN-LSTM networks outperform other state-of-the-art machine learning techniques on the TPC-E scenario-based virtual query dataset.
