On the decidability of query containment under constraints
PODS '98 Proceedings of the seventeenth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
SIGMOD '99 Proceedings of the 1999 ACM SIGMOD international conference on Management of data
Join synopses for approximate query answering
SIGMOD '99 Proceedings of the 1999 ACM SIGMOD international conference on Management of data
Ripple joins for online aggregation
SIGMOD '99 Proceedings of the 1999 ACM SIGMOD international conference on Management of data
On the foundations of the universal relation model
ACM Transactions on Database Systems (TODS)
Privacy-preserving data mining
SIGMOD '00 Proceedings of the 2000 ACM SIGMOD international conference on Management of data
DEMIDS: a misuse detection system for database systems
Integrity and internal control information systems
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Implementation of integrity constraints and views by query modification
SIGMOD '75 Proceedings of the 1975 ACM SIGMOD international conference on Management of data
Secrets & Lies: Digital Security in a Networked World
Secrets & Lies: Digital Security in a Networked World
Why and Where: A Characterization of Data Provenance
ICDT '01 Proceedings of the 8th International Conference on Database Theory
Simple Random Sampling from Relational Databases
VLDB '86 Proceedings of the 12th International Conference on Very Large Data Bases
A Novel Intrusion Detection System Model for Securing Web-based Database Systems
COMPSAC '01 Proceedings of the 25th International Computer Software and Applications Conference on Invigorating Software Development
Learning Fingerprints for a Database Intrusion Detection System
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Architectures for Intrusion Tolerant Database Systems
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Intrusion Detection in Real-Time Database Systems via Time Signatures
RTAS '00 Proceedings of the Sixth IEEE Real Time Technology and Applications Symposium (RTAS 2000)
Dynamic sample selection for approximate query processing
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
Anomaly detection of web-based attacks
Proceedings of the 10th ACM conference on Computer and communications security
Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
Online detection of malicious data access using DBMS auditing
Proceedings of the 2008 ACM symposium on Applied computing
Detecting anomalous access patterns in relational databases
The VLDB Journal — The International Journal on Very Large Data Bases
DIWeDa - Detecting Intrusions in Web Databases
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
A comprehensive approach to anomaly detection in relational databases
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
A learning-based approach to the detection of SQL attacks
DIMVA'05 Proceedings of the Second international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Finding and analyzing database user sessions
DASFAA'05 Proceedings of the 10th international conference on Database Systems for Advanced Applications
Eliciting domain expert misuseability conceptions
Proceedings of the sixth international conference on Knowledge capture
Poster: applying unsupervised context-based analysis for detecting unauthorized data disclosure
Proceedings of the 18th ACM conference on Computer and communications security
Securing data warehouses from web-based intrusions
WISE'12 Proceedings of the 13th international conference on Web Information Systems Engineering
Guest editorial: A brief overview of data leakage and insider threats
Information Systems Frontiers
PostgreSQL anomalous query detector
Proceedings of the 16th International Conference on Extending Database Technology
Self-protecting and self-optimizing database systems: implementation and experimental evaluation
Proceedings of the 2013 ACM Cloud and Autonomic Computing Conference
A methodology and supporting techniques for the quantitative assessment of insider threats
Proceedings of the 2nd International Workshop on Dependability Issues in Cloud Computing
| Hi-index | 0.00 |
The insider threat against database management systems is a dangerous security problem. Authorized users may abuse legitimate privileges to masquerade as other users or to maliciously harvest data. We propose a new direction to address this problem. We model users' access patterns by profiling the data points that users access, in contrast to analyzing the query expressions in prior approaches. Our data-centric approach is based on the key observation that query syntax alone is a poor discriminator of user intent, which is much better rendered by what is accessed. We present a feature-extraction method to model users' access patterns. Statistical learning algorithms are trained and tested using data from a real Graduate Admission database. Experimental results indicate that the technique is very effective, accurate, and is promising in complementing existing database security solutions. Practical performance issues are also addressed.