Efficiently mining long patterns from databases
SIGMOD '98 Proceedings of the 1998 ACM SIGMOD international conference on Management of data
Integrating association rule mining with relational database systems: alternatives and implications
SIGMOD '98 Proceedings of the 1998 ACM SIGMOD international conference on Management of data
Mining frequent patterns without candidate generation
SIGMOD '00 Proceedings of the 2000 ACM SIGMOD international conference on Management of data
DEMIDS: a misuse detection system for database systems
Integrity and internal control information systems
Mining system audit data: opportunities and challenges
ACM SIGMOD Record
MAFIA: A Maximal Frequent Itemset Algorithm for Transactional Databases
Proceedings of the 17th International Conference on Data Engineering
Efficiently Mining Maximal Frequent Itemsets
ICDM '01 Proceedings of the 2001 IEEE International Conference on Data Mining
Mining Frequent Itemsets Using Support Constraints
VLDB '00 Proceedings of the 26th International Conference on Very Large Data Bases
Fast Algorithms for Mining Association Rules in Large Databases
VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
Learning nonstationary models of normal network traffic for detecting novel attacks
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
ADMIT: anomaly-based data mining for intrusions
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Pushing Support Constraints Into Association Rules Mining
IEEE Transactions on Knowledge and Data Engineering
Constraint-Based Rule Mining in Large, Dense Databases
ICDE '99 Proceedings of the 15th International Conference on Data Engineering
Data Mining for Intrusion Detection: Techniques, Applications and Systems
ICDE '04 Proceedings of the 20th International Conference on Data Engineering
Pushing Convertible Constraints in Frequent Itemset Mining
Data Mining and Knowledge Discovery
Mining Frequent Itemsets without Support Threshold: With and without Item Constraints
IEEE Transactions on Knowledge and Data Engineering
Mining top-K frequent itemsets from data streams
Data Mining and Knowledge Discovery
Anomalous payload-based worm detection and signature generation
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Hi-index | 0.00 |
Recently, the mining of system log datasets has be widely used in the system security application field such as the detection of abuse behaviors. At present, most of efforts concentrate on the network or operating system level. There are few works concentrated on database system application. In this paper, we present the concept of access profile to represent the user behavior characteristics of accessing database system and study the problem of mining maximal access profiles for fast detection of database system insider abuse behaviors by legitimate users. Based on the existing FP-tree structure, a new mining algorithm MMAP is presented for our problem. A new constraint of relation distance, which is based on the foreign key dependencies of relations, is also presented to reduce the mining algorithm search space. An anomaly-based detection model is build based on MMAP algorithm for performance experiments. The experimental results show that our approach works efficiently for detecting the abuse behaviors of database system.