Process mining and security: visualization in database intrusion detection

Authors:
Viet H. Huynh;An N. T. Le
Affiliations:
University of Information Technology, Ho Chi Minh, Viet Nam;University of Information Technology, Ho Chi Minh, Viet Nam
Venue:
PAISI'12 Proceedings of the 2012 Pacific Asia conference on Intelligence and Security Informatics
Year:
2012

Citing 10
Cited 0

DEMIDS: a misuse detection system for database systems

Integrity and internal control information systems
Workflow management: models, methods, and systems

Workflow management: models, methods, and systems
Workflow mining: a survey of issues and approaches

Data & Knowledge Engineering
A data mining approach for database intrusion detection

Proceedings of the 2004 ACM symposium on Applied computing
Visual support for analyzing network traffic and intrusion detection events using TreeMap and graph representations

Proceedings of the Symposium on Computer Human Interaction for the Management of Information Technology
Process Mining and Security: Detecting Anomalous Process Executions and Checking Process Conformance

Electronic Notes in Theoretical Computer Science (ENTCS)
Database intrusion detection using sequence alignment

International Journal of Information Security
Weighted intra-transactional rule mining for database intrusion detection

PAKDD'06 Proceedings of the 10th Pacific-Asia conference on Advances in Knowledge Discovery and Data Mining
A generic import framework for process event logs

BPM'06 Proceedings of the 2006 international conference on Business Process Management Workshops
The prom framework: a new era in process mining tool support

ICATPN'05 Proceedings of the 26th international conference on Applications and Theory of Petri Nets

Quantified Score

Hi-index	0.00

Visualization

Abstract

Nowadays, more and more organizations keep their valuable and sensitive data in Database Management Systems (DBMSs). The traditional database security mechanisms such as access control mechanisms, authentication, data encryption technologies do not offer a strong enough protection against the exploitation of vulnerabilities (e.g. intrusions) in DBMSs from insiders. Intrusion detection systems recently proposed in the literature focus on statistical approaches, which are not intuitive. Our research is the first ever effort to use process mining modeling low-level event logs for database intrusion detection. We have proposed a novel approach for visualizing database intrusion detection using process mining techniques. Our experiments showed that intrusion detection visualization will be able to help security officers who might not know deeply the complex system, identify the true positive detection and eliminate the false positive results.