Process Mining and Security: Visualization in Database Intrusion Detection

  • Conference paper
Intelligence and Security Informatics (PAISI 2012)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 7299)

Abstract

Nowadays, more and more organizations keep their valuable and sensitive data in Database Management Systems (DBMSs). Traditional database security mechanisms such as access control, authentication, and data encryption do not offer strong enough protection against the exploitation of vulnerabilities (e.g. intrusions) in DBMSs by insiders. Intrusion detection systems recently proposed in the literature focus on statistical approaches, which are not intuitive. Our research is the first ever effort to use process mining to model low-level event logs for database intrusion detection. We have proposed a novel approach for visualizing database intrusion detection using process mining techniques. Our experiments showed that intrusion detection visualization will be able to help security officers, who might not know the complex system in depth, identify true positive detections and eliminate false positive results.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Huynh, V.H., Le, A.N.T. (2012). Process Mining and Security: Visualization in Database Intrusion Detection. In: Chau, M., Wang, G.A., Yue, W.T., Chen, H. (eds) Intelligence and Security Informatics. PAISI 2012. Lecture Notes in Computer Science, vol 7299. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-30428-6_7

  • DOI: https://doi.org/10.1007/978-3-642-30428-6_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-30427-9

  • Online ISBN: 978-3-642-30428-6

  • eBook Packages: Computer Science, Computer Science (R0)
