Learning Fingerprints for a Database Intrusion Detection System
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Auditing sum-queries to make a statistical database secure
ACM Transactions on Information and System Security (TISSEC)
Hi-index | 0.00 |
In this paper, the concept of Cumulated Anomaly is addressed, which describes a new type of database anomalies. A detection model, Dubiety-Determining Model (DDM), is proposed for it. The DDM can measure the dubiety degree of each database transaction quantitatively. We conducted experiments basing on the DDM. In our experiments, the DDM method calculates a real number for each audit record. That number is called dubiety degree, which indicates the possibility of being anomaly for each transaction. The experimental results demonstrate basic features, the feasibility, and the effectiveness of the method.