Skip to main content
SpringerLink
Log in

Adaptive Database Intrusion Detection Using Evolutionary Reinforcement Learning

  • Conference paper
  • First Online:
International Joint Conference SOCO’17-CISIS’17-ICEUTE’17 León, Spain, September 6–8, 2017, Proceeding (SOCO 2017, ICEUTE 2017, CISIS 2017)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 649))

Abstract

This paper proposes an adaptive database intrusion detection model that can be resistant to potential insider misuse with a limited number of data. The intrusion detection model can be adapted online using evolutionary reinforcement learning (ERL) which combines reinforcement learning and evolutionary learning. The model consists of two feedforward neural networks, a behavior network and an evaluation network. The behavior network detects the intrusion, and the evaluation network provides feedback to the detection of the behavior network. To find the optimal model, we encode the weights of the networks as an individual and produce populations of better individuals over generations. TPC-E scenario-based virtual query data were used for verification of the proposed model. Experimental results show that the detection performance improves as the proposed model learns the intrusion adaptively.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Wikipedia, Database Security (2017). https://en.wikipedia.org/wiki/Database_security

  2. Katherine, N.: Cost of a data breach: $4 million. Benefits of responding quickly: Priceless, CSO (2016). http://www.csoonline.com/article/3083931/security/cost-of-a-data-breach-4-million-benefits-of-responding-quickly-priceless.html

  3. Kamra, A., Bertino, E., Lebanon, G.: Mechanisms for database intrusion detection and response. In: Proceedings of the 2nd SIGMOD PhD Workshop on Innovative Database Research, pp. 31–36, June 2008

    Google Scholar 

  4. Bertino, E., Kamra, A., Early, J.P.: Profiling database application to detect SQL injection attacks. In: Performance, Computing, and Communications Conference, pp. 449–458, April 2007

    Google Scholar 

  5. Ertoz, L., Eilertson, E., Lazarevic, A., Tan, P.N., Kumar, V., Srivastava, J., Dokas, P.: Minds-minnesota intrusion detection system. In: Next Generation Data Mining, pp. 199–218 (2004)

    Google Scholar 

  6. Lazarevic, A., Ertoz, L., Kumar, V., Ozgur, A., Srivastava, J.: A comparative study of anomaly detection schemes in network intrusion detection. In: Proceedings of the 2003 SIAM International Conference on Data Mining, pp. 25–36, May 2003

    Google Scholar 

  7. Ackley, D., Littman, M.: Interactions between learning and evolution. Artif. Life II 10, 487–509 (1991)

    Google Scholar 

  8. Ronao, C.A., Cho, S.B.: Anomalous query access detection in RBAC-administered databases with random forest and PCA. Inf. Sci. 369, 238–250 (2016)

    Article  Google Scholar 

  9. Kumar, S., Spafford, E.H.: A pattern matching model for misuse intrusion detection (1994)

    Google Scholar 

  10. Bertino, E., Terzi, E., Kamra, A., Vakali, A.: Intrusion detection in RBAC-administered databases. In: Computer Security Applications Conference, 21st Annual, pp. 173–182, December 2005

    Google Scholar 

  11. Valeur, F., Mutz, D., Vigna, G.: A learning-based approach to the detection of SQL attacks. In: International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, pp. 123–140, July 2005

    Google Scholar 

  12. Mathew, S., Petropoulos, M., Ngo, H.Q., Upadhyaya, S.: A data-centric approach to insider attack detection in database systems. In: International Workshop on Recent Advances in Intrusion Detection, pp. 382–401, September 2010

    Google Scholar 

  13. Chagarlamudi, M., Panda, B., Hu, Y.: Insider threat in database systems: preventing malicious users’ activities in databases. In: Information Technology: New Generations, pp. 1616–1620, April 2009

    Google Scholar 

  14. Montana, D.J., Davis, L.: Training Feedforward neural networks using genetic algorithms. In: IJCAI 1989, vol. 89, pp. 762–767, August 1989

    Google Scholar 

  15. Kitano, H.: Designing neural networks using genetic algorithms with graph generation system. Complex Syst. 4(4), 461–476 (1990)

    MATH  Google Scholar 

  16. Blickle, T., Thiele, L.: A comparison of selection schemes used in evolutionary algorithms. Evol. Comput. 4(4), 361–394 (1996)

    Article  Google Scholar 

  17. Syswerda, G.: Uniform crossover in genetic algorthms. In: Proceedings of Third International Conference of Genetic Algorithms, pp. 2–9 (1989)

    Google Scholar 

Download references

Acknowledgements.

This work was supported by Defense Acquisition Program Administration and Agency for Defense Development under the contract. (UD160066BD)

Author information

Authors and Affiliations

  1. Graduate Program in Cognitive Science, Department of Computer Science, Yonsei University Seoul, Seoul, Republic of Korea

    Seul-Gi Choi & Sung-Bae Cho

Authors
  1. Seul-Gi Choi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sung-Bae Cho
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sung-Bae Cho .

Editor information

Editors and Affiliations

  1. University of Leon, Leon, Spain

    Hilde Pérez García

  2. University of Leon, Leon, Spain

    Javier Alfonso-Cendón

  3. University of Leon, Leon, Spain

    Lidia Sánchez González

  4. Department of Industrial Engineering, University of A Coruña, Ferrol, Spain

    Héctor Quintián

  5. University of Salamanca, Salamanca, Spain

    Emilio Corchado

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG

About this paper

Cite this paper

Choi, SG., Cho, SB. (2018). Adaptive Database Intrusion Detection Using Evolutionary Reinforcement Learning. In: Pérez García, H., Alfonso-Cendón, J., Sánchez González, L., Quintián, H., Corchado, E. (eds) International Joint Conference SOCO’17-CISIS’17-ICEUTE’17 León, Spain, September 6–8, 2017, Proceeding. SOCO ICEUTE CISIS 2017 2017 2017. Advances in Intelligent Systems and Computing, vol 649. Springer, Cham. https://doi.org/10.1007/978-3-319-67180-2_53

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-67180-2_53

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-67179-6

  • Online ISBN: 978-3-319-67180-2

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation