Northern Kentucky University
An Effective Log Mining Approach for Database Intrusion Detection
Institution
Northern Kentucky University
Faculty Advisor/ Mentor
Yi Hu; Alina Campan; James Walden
Abstract
Database is a critical component of today’s Web applications. Web applications permit users to remotely access sensitive data such as business transactions, personal financial information, and medical records. Organizations expend significant resources securing the network perimeter and servers. However, these mechanisms are not sufficient for protecting databases. We present a new technique for identifying malicious database transactions. Compared to many existing approaches, which profile SQL query structure and database user activities to detect intrusions, the novelty of this approach is the automatic discovery of essential data dependencies, namely, multi-dimensional and multi-level data dependencies, for identifying anomalous database transactions.
An Effective Log Mining Approach for Database Intrusion Detection
Database is a critical component of today’s Web applications. Web applications permit users to remotely access sensitive data such as business transactions, personal financial information, and medical records. Organizations expend significant resources securing the network perimeter and servers. However, these mechanisms are not sufficient for protecting databases. We present a new technique for identifying malicious database transactions. Compared to many existing approaches, which profile SQL query structure and database user activities to detect intrusions, the novelty of this approach is the automatic discovery of essential data dependencies, namely, multi-dimensional and multi-level data dependencies, for identifying anomalous database transactions.