DEMIDS: a misuse detection system for database systems
Integrity and internal control information systems
Workflow management: models, methods, and systems
Workflow management: models, methods, and systems
Workflow mining: a survey of issues and approaches
Data & Knowledge Engineering
A data mining approach for database intrusion detection
Proceedings of the 2004 ACM symposium on Applied computing
Proceedings of the Symposium on Computer Human Interaction for the Management of Information Technology
Process Mining and Security: Detecting Anomalous Process Executions and Checking Process Conformance
Electronic Notes in Theoretical Computer Science (ENTCS)
Database intrusion detection using sequence alignment
International Journal of Information Security
Weighted intra-transactional rule mining for database intrusion detection
PAKDD'06 Proceedings of the 10th Pacific-Asia conference on Advances in Knowledge Discovery and Data Mining
A generic import framework for process event logs
BPM'06 Proceedings of the 2006 international conference on Business Process Management Workshops
The prom framework: a new era in process mining tool support
ICATPN'05 Proceedings of the 26th international conference on Applications and Theory of Petri Nets
Hi-index | 0.00 |
Nowadays, more and more organizations keep their valuable and sensitive data in Database Management Systems (DBMSs). The traditional database security mechanisms such as access control mechanisms, authentication, data encryption technologies do not offer a strong enough protection against the exploitation of vulnerabilities (e.g. intrusions) in DBMSs from insiders. Intrusion detection systems recently proposed in the literature focus on statistical approaches, which are not intuitive. Our research is the first ever effort to use process mining modeling low-level event logs for database intrusion detection. We have proposed a novel approach for visualizing database intrusion detection using process mining techniques. Our experiments showed that intrusion detection visualization will be able to help security officers who might not know deeply the complex system, identify the true positive detection and eliminate the false positive results.