A dubiety-determining based model for database cumulated anomaly intrusion

Authors:
Gang Lu;Junkai Yi;Kevin Lü
Affiliations:
BUCT, Beijing, China;BUCT, Beijing, China;Brunel University, Uxbridge, UK
Venue:
Proceedings of the 2nd international conference on Scalable information systems
Year:
2007

Citing 2
Cited 0

Learning Fingerprints for a Database Intrusion Detection System

ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Auditing sum-queries to make a statistical database secure

ACM Transactions on Information and System Security (TISSEC)

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, the concept of Cumulated Anomaly is addressed, which describes a new type of database anomalies. A detection model, Dubiety-Determining Model (DDM), is proposed for it. The DDM can measure the dubiety degree of each database transaction quantitatively. We conducted experiments basing on the DDM. In our experiments, the DDM method calculates a real number for each audit record. That number is called dubiety degree, which indicates the possibility of being anomaly for each transaction. The experimental results demonstrate basic features, the feasibility, and the effectiveness of the method.