DEMIDS: a misuse detection system for database systems
Integrity and internal control information systems
The Data Warehouse Lifecycle Toolkit: Expert Methods for Designing, Developing and Deploying Data Warehouses with CD Rom
Learning Fingerprints for a Database Intrusion Detection System
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
DAIS: A Real-Time Data Attack Isolation System for Commercial Database Applications
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Intrusion Detection in RBAC-administered Databases
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Detection of Malicious Transactions in DBMS
PRDC '05 Proceedings of the 11th Pacific Rim International Symposium on Dependable Computing
A Practical Approach for Automated Test Case Generation using Statecharts
COMPSAC '06 Proceedings of the 30th Annual International Computer Software and Applications Conference - Volume 02
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Database Intrusion Detection Using Role Profiling with Role Hierarchy
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Hi-index | 0.00 |
Database management systems (DBMS), which are the ultimate layer in preventing malicious data access or corruption, implement several security mechanisms to protect data. However these mechanisms cannot always stop malicious users from accessing the data by exploiting system vulnerabilities. In fact, when a malicious user accesses the database there is no effective way to detect and stop the attack in due time. This practical experience report presents a tool that implements concurrent intrusion detection in DBMS. This tool analyses the transactions the users execute and compares them with the profile of the authorized transactions that were previously learned in order to detect potential deviations. The tool was evaluated using the transactions from a standard database benchmark (TPC-W) and a real database application. Results show that the proposed intrusion detection tool can effectively detect SQL-based attacks with no false positives and no overhead to the server.