Abstract
Why is it important to have an intrusion detection (ID) mechanism tailored for a database management system (DBMS)? There are three main reasons for this. First, actions deemed malicious for a DBMS are not necessarily malicious for the underlying operating system or the network; thus ID systems designed for the latter may not be effective against database attacks. Second, organizations have stepped up data vigilance driven by various government regulations concerning data management such as SOX, GLBA, HIPAA and so forth. Third, and this is probably the most relevant reason, the problem of insider threats is being recognized as a major security threat; its solution requires among other techniques the adoption of mechanisms able to detect access anomalies by users internal to the organization owning the data.
The work reported here has been partially supported by the NSF grant 0712846 “IPS: Security Services for Healthcare Applications”.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Kamra, A., Bertino, E., Nehme, R.: Responding to anomalous database requests. In: Proceedings of Secure Data Management (SDM) (to appear, 2008)
Kamra, A., Bertino, E., Terzi, E.: Detecting anomalous access patterns in relational databases. VLDB Journal (2008)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kamra, A., Bertino, E. (2008). Database Intrusion Detection and Response. In: Lippmann, R., Kirda, E., Trachtenberg, A. (eds) Recent Advances in Intrusion Detection. RAID 2008. Lecture Notes in Computer Science, vol 5230. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-87403-4_26
Download citation
DOI: https://doi.org/10.1007/978-3-540-87403-4_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-87402-7
Online ISBN: 978-3-540-87403-4
eBook Packages: Computer ScienceComputer Science (R0)