Process mining and security: visualization in database intrusion detection
PAISI'12 Proceedings of the 2012 Pacific Asia conference on Intelligence and Security Informatics
| Hi-index | 0.00 |
Information is considered to be the most valuable asset of any organization and hence, it should be securely maintained. However, rapid proliferation of the Internet and Web applications has increased the threat of information security breaches. Traditional database security mechanisms are often not sufficient to protect sensitive information against novel attacks. Intrusion detection systems (IDS) are used to detect any such intrusion, once traditional security mechanisms have been compromised. User-level profile is effective for database intrusion detection, but maintaining such profiles is not practical for an organization with a large number of users. Thus, an IDS needs to be flexible enough to choose a profile granularity according to the type of the organization. Further, only intra-transactional pattern matching for intrusion detection is not quite effective for detecting intrusion in a database. We propose an IDS that uses inter-transactional as well as intra-transactional features for intrusion detection. It supports selection of profile and transactional feature granularity as well. We use sequence alignment as a tool for comparing database access patterns of genuine users and intruders.