Database intrusion detection using role profiling with role hierarchy

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 5776 LNCS, Issue , 2009, Pages 33-48

  Wu, Garfield Zhiping ^a   Osborn, Sylvia L ^a   Jin, Xin ^b  

^a UNIVERSITY OF WESTERN ONTARIO   (Canada)

^b MICROSOFT   (United States)

Author keywords

Database security; Insider threats; Intrusion detection; RBAC; Role profiling

Indexed keywords

ANOMALY-BASED INTRUSION DETECTION; COMPARATIVE EVALUATIONS; COMPUTER SYSTEM SECURITY; DATABASE MANAGEMENT SYSTEM; DATABASE SECURITY; FALSE NEGATIVE RATE; FALSE POSITIVE RATES; INSIDER THREAT; INSIDER THREATS; NORMAL BEHAVIOR; PROFILING METHODS; RBAC; ROLE HIERARCHY; ROLE PROFILING; ROLE-BASED ACCESS CONTROL; USER PROFILING;

ACCESS CONTROL; COMPUTER CRIME; INFORMATION MANAGEMENT; INTRUSION DETECTION; MANAGEMENT INFORMATION SYSTEMS; MINING; SPACE DIVISION MULTIPLE ACCESS;

DATABASE SYSTEMS;

EID: 70349863293     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-04219-5_3     Document Type: Conference Paper

References (16)

1. Bertino, E., Kamra, A., Terzi, E., Vakali, A.: Intrusion detection in RBACadministered databases. In: ACSAC, pp. 170-182. IEEE Computer Society, Los Alamitos (2005)
2. Bertino, E., Leggieri, T., Terzi, E.: Securing DBMS: Characterizing and detecting queryoods. In: Zhang, K., Zheng, Y. (eds.) ISC 2004. LNCS, vol.3225, pp. 195- 206. Springer, Heidelberg (2004)
3. Chung, C.Y., Gertz, M., Levitt, K.N.: DEMIDS: A misuse detection system for database systems. In: van Biene-Hershey, M.E., Strous, L. (eds.) IICIS, IFIP Conference Proceedings, vol.165, pp. 159-178. Kluwer, Dordrecht (1999)
4. Fonseca, J., Vieira, M., Madeira, H.: Integrated intrusion detection in databases. In: Bondavalli, A., Brasileiro, F., Rajsbaum, S. (eds.) LADC 2007. LNCS, vol.4746, pp. 198-211. Springer, Heidelberg (2007)
5. Heady, R., Luger, G., Maccabe, A., Servilla, M.: The architecture of a network level intrusion detection system. Technical report, University of New Mexico, Department of Computer Science (August 1990)
6. American National Standards Institute. For information technology - role-based access control. ANSI INCITS 359 (January 2004)
7. Kamra, A., Terzi, E., Bertino, E.: Detecting anomalous access patterns in relational databases. VLDB Journal 17(5), 1063-1077 (2008)
8. Lee, S.Y., Low, W.L., Wong, P.Y.: Learning fingerprints for a database intrusion detection system. In: Gollmann, D., Karjoth, G., Waidner, M. (eds.) ESORICS 2002. LNCS, vol.2502, pp. 264-280. Springer, Heidelberg (2002)
9. Lee, V.C.S., Stankovic, J.A., Son, S.H.: Intrusion detection in real-time database systems via time signatures. In: IEEE Real Time Technology and Applications Symposium, pp. 124-133 (2000)
10. Low, W.L., Lee, J., Teoh, P.: DIDAFIT: Detecting intrusions in databases through fingerprinting transactions. In: ICEIS, pp. 121-128 (2002)
11. Mitchell, T.: Machine Learning. McGraw-Hill, New York (1997)
12. Microsoft MSDN. AdventureWorks sample OLTP database, http://msdn. microsoft.com/en-us/library/ms124659.aspx (February 2009)
13. Nyanchama, M., Osborn, S.L.: The role graph model. In: ACM Workshop on Role- Based Access Control (1995)
14. Osborn, S.L., Sandhu, R., Munawer, Q.: Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Transactions on Information and System Security 3(2), 85-106 (2000)
15. Parker, D.B.: Crime by Computer, 1st edn. Charles Scribner's Sons, New York (1976)
16. Valeur, F., Mutz, D., Vigna, G.: A learning-based approach to the detection of SQL attacks. In: Julisch, K., Krügel, C. (eds.) DIMVA 2005. LNCS, vol.3548, pp. 123-140. Springer, Heidelberg (2005)