Mining Inter-transaction Data Dependencies for Database Intrusion Detection*

Hu, Yi; Panda, Brajendra

doi:10.1007/978-90-481-3658-2_12

Yi Hu² &
Brajendra Panda³

1005 Accesses
10 Citations

Abstract

Existing database security mechanisms are not sufficient for detecting malicious activities targeted at corrupting data. With the increase of attacks toward database-centered applications, an effective intrusion detection system is essential for application security. Although someresearches havebeen done on the database intrusion detection, methods for detecting anomalous activitiesin databases haveonly recently been explored in detail. In this paper, we present an approach employing inter-transaction data dependency mining fordetecting well-crafted attacks thatconsists a group of seemingly harmless database transactions. Our experiments illustrated the advantage of this new approach and validated the effectiveness of the model proposed.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 169.00; Price excludes VAT (USA)

Softcover Book: USD 219.99; Price excludes VAT (USA)

Hardcover Book: USD 219.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

PGP Corporation’s 2006 annual study on the cost of data breaches. http://download.pgp.com/pdfs/Ponemon2-Breach-Survey_061020_F.pdf
Rietta, F.S. Application Layer Intrusion Detection for SQL Injection. In ACM Southeast Regional Conference, 2006.
Google Scholar
Ramasubramanian, P., Kannan, A. Intelligent multi-agent based database hybrid intrusion prevention system. In ADBIS 2004, LNCS, vol. 3255, pp. 393-408. Springer, Heidelberg, 2004.
Google Scholar
Valeur, F., Mutz, D., Vigna, G. A learning-based approach to the detection of SQL attacks. In DIMVA 2005, LNCS, vol. 3538, pp.123-140. Springer, Heidelberg, 2005.
Google Scholar
Bertino, E., Kamra, A., Terzi, E., Vakali, A. Intrusion Detecton in RBAC-administered databases. In ACSAC, pp. 170-182. IEEE Computer Society Press, Los Alamitos, 2005.
Google Scholar
Barbara, D., Goel, R., and Jajodia, S. Mining Malicious Data Corruption with Hidden Markov Models. In Proceedings of the 16th Annual IFIP WG 11.3 Working Conference on Data and Application Security, Cambridge, England, July 2002.
Google Scholar
Chung, C., Gertz M., and Levitt, K. DEMIDS: A Misuse Detection System for Database Systems. In Third Annual IFIP TC-11 WG 11.5 Working Conference on Integrity and Internal Control in Information Systems, Kluwer Academic Publishers, pages 159-178, November 1999.
Google Scholar
Lee, V. C.S., Stankovic, J. A., Son, S. H. Intrusion Detection in Real-time Database Systems Via Time Signatures. In Proceedings of the Sixth IEEE Real Time Technology and Applications Symposium, 2000.
Google Scholar
Hu, Y.and PandaB.A Data Mining Approach for Database Intrusion Detection.In Proceedings of the 19th ACM Symposium on Applied Computing, Nicosia, Cyprus, Mar. 2004.
Google Scholar
Hu, Y.and PandaB.Design and Analysis of Techniques for Detection of MaliciousActivities in Database Systems.Journal of Network and Systems Management, Vol. 13, No. 3, Sep. 2005.
Google Scholar
Srivastava, A.,Sural, S.,and Majumdar,A.Weighted Intra-transactional Rule Mining for Database Intrusion Detection. Advances in Knowledge Discovery and Data Mining. Vol. 3918, pp. 611-620, 2006.
Article Google Scholar
Fonseca, J., Vieira, M., and Madeira H. Monitoring Database Application Behavior for Intrusion Detection. In Proceedings of the 12th Pacific Rim International Symposium on Dependable Computing, 2006.
Google Scholar
Agrawal, R. and Srikant, R. Mining Sequential Patterns. In Proceedings of the 1995 Int. Conf. Data Engineering, Taipei, Taiwan, March 1995. Pages 3 -14.
Google Scholar

Download references

Acknowledgment

Research of Brajendra Panda has been supported in part by US AFOSR under grant FA 9550-04-1-0429. We are thankful to Dr. Robert. L. Herklotz for his support, which made this work possible

Author information

Authors and Affiliations

Department of Computer Science, Northern Kentucky University, Highland Heights, KY, 41099, USA
Yi Hu
Computer Science and Computer Engineering Department, University of Arkansas, Fayetteville, AR, 72701, USA
Brajendra Panda

Authors

Yi Hu
View author publications
You can also search for this author in PubMed Google Scholar
Brajendra Panda
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Yi Hu .

Editor information

Editors and Affiliations

School of Engineering, University of Bridgeport, University Avenue 221, Bridgeport, 06604, U.S.A.
Tarek Sobh

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Hu, Y., Panda, B. (2010). Mining Inter-transaction Data Dependencies for Database Intrusion Detection*. In: Sobh, T. (eds) Innovations and Advances in Computer Sciences and Engineering. Springer, Dordrecht. https://doi.org/10.1007/978-90-481-3658-2_12

Download citation

DOI: https://doi.org/10.1007/978-90-481-3658-2_12
Published: 28 December 2009
Publisher Name: Springer, Dordrecht
Print ISBN: 978-90-481-3657-5
Online ISBN: 978-90-481-3658-2
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics