QoS Management in Replicated Real Time Databases
RTSS '03 Proceedings of the 24th IEEE International Real-Time Systems Symposium
A data mining approach for database intrusion detection
Proceedings of the 2004 ACM symposium on Applied computing
A Bayesian Network Approach to Detecting Privacy Intrusion
WI-IATW '06 Proceedings of the 2006 IEEE/WIC/ACM international conference on Web Intelligence and Intelligent Agent Technology
Monitoring of Timing Constraints with Confidence Threshold Requirements
IEEE Transactions on Computers
Detecting anomalous access patterns in relational databases
The VLDB Journal — The International Journal on Very Large Data Bases
Mechanisms for database intrusion detection and response
Proceedings of the 2nd SIGMOD PhD workshop on Innovative database research
Analysis of Data Dependency Based Intrusion Detection System
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Detection of Database Intrusion Using a Two-Stage Fuzzy System
ISC '09 Proceedings of the 12th International Conference on Information Security
Database Intrusion Detection Using Role Profiling with Role Hierarchy
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Architecture for data collection in database intrusion detection systems
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
A data-centric approach to insider attack detection in database systems
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Towards mechanisms for detection and prevention of data exfiltration by insiders: keynote talk paper
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Weighted intra-transactional rule mining for database intrusion detection
PAKDD'06 Proceedings of the 10th Pacific-Asia conference on Advances in Knowledge Discovery and Data Mining
A comprehensive approach to anomaly detection in relational databases
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Succinct and fast accessible data structures for database damage assessment
ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
D_DIPS: an intrusion prevention system for database security
ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
A game-theoretic approach to credit card fraud detection
ICISS'05 Proceedings of the First international conference on Information Systems Security
A proposed model for data warehouse user behaviour using intrusion detection system
ACM SIGSOFT Software Engineering Notes
Two-stage database intrusion detection by combining multiple evidence and belief update
Information Systems Frontiers
| Hi-index | 0.01 |
In this paper, we describe a method for intrusion detection applied to real-time database systems. The novel idea pursued in this study is to exploit the real-time properties of data in intrusion detection. Data objects will be tagged with 驴time semantics驴 that capture expectations about update rates that are unknown to the intruders. This is not simply time stamping data. Our notion of time signatures can be used to detect violations of the security policy. For testing purposes, we use intruders that disguise themselves as 驴normal驴 transactions, and compare the ability of different numerically quantifiable measures to capture the behavior of the expected update and to recognize intrusions. For instance, by using a hidden periodic update rate, the system can detect unauthorized update requests, as they will likely not occur at the right time, thereby triggering an alarm to the system. The experimental results show that this technique could be a powerful discriminating measure to identify intruders with a low false alarm rate. While the results are presented for real-time databases, the idea is also applicable to traditional systems.