Abstract
This paper proposes an adaptive database intrusion detection model that can be resistant to potential insider misuse with a limited number of data. The intrusion detection model can be adapted online using evolutionary reinforcement learning (ERL) which combines reinforcement learning and evolutionary learning. The model consists of two feedforward neural networks, a behavior network and an evaluation network. The behavior network detects the intrusion, and the evaluation network provides feedback to the detection of the behavior network. To find the optimal model, we encode the weights of the networks as an individual and produce populations of better individuals over generations. TPC-E scenario-based virtual query data were used for verification of the proposed model. Experimental results show that the detection performance improves as the proposed model learns the intrusion adaptively.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Wikipedia, Database Security (2017). https://en.wikipedia.org/wiki/Database_security
Katherine, N.: Cost of a data breach: $4 million. Benefits of responding quickly: Priceless, CSO (2016). http://www.csoonline.com/article/3083931/security/cost-of-a-data-breach-4-million-benefits-of-responding-quickly-priceless.html
Kamra, A., Bertino, E., Lebanon, G.: Mechanisms for database intrusion detection and response. In: Proceedings of the 2nd SIGMOD PhD Workshop on Innovative Database Research, pp. 31–36, June 2008
Bertino, E., Kamra, A., Early, J.P.: Profiling database application to detect SQL injection attacks. In: Performance, Computing, and Communications Conference, pp. 449–458, April 2007
Ertoz, L., Eilertson, E., Lazarevic, A., Tan, P.N., Kumar, V., Srivastava, J., Dokas, P.: Minds-minnesota intrusion detection system. In: Next Generation Data Mining, pp. 199–218 (2004)
Lazarevic, A., Ertoz, L., Kumar, V., Ozgur, A., Srivastava, J.: A comparative study of anomaly detection schemes in network intrusion detection. In: Proceedings of the 2003 SIAM International Conference on Data Mining, pp. 25–36, May 2003
Ackley, D., Littman, M.: Interactions between learning and evolution. Artif. Life II 10, 487–509 (1991)
Ronao, C.A., Cho, S.B.: Anomalous query access detection in RBAC-administered databases with random forest and PCA. Inf. Sci. 369, 238–250 (2016)
Kumar, S., Spafford, E.H.: A pattern matching model for misuse intrusion detection (1994)
Bertino, E., Terzi, E., Kamra, A., Vakali, A.: Intrusion detection in RBAC-administered databases. In: Computer Security Applications Conference, 21st Annual, pp. 173–182, December 2005
Valeur, F., Mutz, D., Vigna, G.: A learning-based approach to the detection of SQL attacks. In: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 123–140, July 2005
Mathew, S., Petropoulos, M., Ngo, H.Q., Upadhyaya, S.: A data-centric approach to insider attack detection in database systems. In: International Workshop on Recent Advances in Intrusion Detection, pp. 382–401, September 2010
Chagarlamudi, M., Panda, B., Hu, Y.: Insider threat in database systems: preventing malicious users’ activities in databases. In: Information Technology: New Generations, pp. 1616–1620, April 2009
Montana, D.J., Davis, L.: Training Feedforward neural networks using genetic algorithms. In: IJCAI 1989, vol. 89, pp. 762–767, August 1989
Kitano, H.: Designing neural networks using genetic algorithms with graph generation system. Complex Syst. 4(4), 461–476 (1990)
Blickle, T., Thiele, L.: A comparison of selection schemes used in evolutionary algorithms. Evol. Comput. 4(4), 361–394 (1996)
Syswerda, G.: Uniform crossover in genetic algorthms. In: Proceedings of Third International Conference of Genetic Algorithms, pp. 2–9 (1989)
Acknowledgements.
This work was supported by Defense Acquisition Program Administration and Agency for Defense Development under the contract. (UD160066BD)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Choi, SG., Cho, SB. (2018). Adaptive Database Intrusion Detection Using Evolutionary Reinforcement Learning. In: Pérez García, H., Alfonso-Cendón, J., Sánchez González, L., Quintián, H., Corchado, E. (eds) International Joint Conference SOCO’17-CISIS’17-ICEUTE’17 León, Spain, September 6–8, 2017, Proceeding. SOCO ICEUTE CISIS 2017 2017 2017. Advances in Intelligent Systems and Computing, vol 649. Springer, Cham. https://doi.org/10.1007/978-3-319-67180-2_53
Download citation
DOI: https://doi.org/10.1007/978-3-319-67180-2_53
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-67179-6
Online ISBN: 978-3-319-67180-2
eBook Packages: EngineeringEngineering (R0)