There are many Intrusion Detection Systems (IDS) for networks and operating systems, but few for databases, despite the fact that the most valuable resources of every organization are in its databases. The number of database attacks has grown, especially since most databases are accessible from the web, and satisfactory solutions to these kinds of attacks are still lacking.

We present DIWeDa, a practical solution for detecting intrusions to web databases. Contrary to any existing database intrusion detection method, our method works at the session level and not at the SQL statement or transaction level. We use a novel SQL Session Content Anomaly intrusion classifier, which enables us to detect not only most known attacks such as SQL Injections, but also more complex kinds of attacks such as Business Logic Violations. We implemented a prototype of the proposed intrusion detection system, and our experiments showed its feasibility and effectiveness.