Skip to main content
SpringerLink
Log in

An Anomaly Based Approach for Intrusion Detection by Authorized Users in Database Systems

  • Conference paper
Information Systems, Technology and Management (ICISTM 2010)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 54))

  • 1996 Accesses

Abstract

This paper is an attempt to introduce a new approach on increasing the security of database systems. Securing databases involves external as well as internal misuse detection and prevention. SQL injection handling and access control mechanism prevents misuse through unauthorized access to the database. This allows only those users to access database contents who are meant to use it. However, if there is an intentional or unintentional misuse by some authorized user, then it becomes very difficult to identify and prevent that misuse then and there only. Such misuse scenarios can be detected later by auditing the transaction log. Therefore the need for a robust query intrusion detection model for database system arises. The model proposed in this paper detects such types of misuses by authorized users and classifies them as legitimate or anomalous by analyzing the nature of queries they fire and tuning itself based on the responses to the alarms raised.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Zhong, Y., Zhu, Z., Qin, X.-L.: A clustering method based on data queries and its application in database intrusion detection. In: ICMLC 2005, Guangzhou, August 18-21, pp. 2096–2101 (2005)

    Google Scholar 

  2. Gopal, R.D., Goes, P.B., Garfinkel, R.S.: Interval Protection of Confidential Information in a Database. INFORMS Journal on Computing 10(3) (1998)

    Google Scholar 

  3. Caulkins, B., Lee, J., Morgan Wang, F.: A Dynamic Data Mining Technique for Intrusion Detection Systems. In: Proceedings of the 43rd annual Southeast regional conference, Kennesaw, Georgia, vol. 2, pp. 2148–2153 (2005)

    Google Scholar 

  4. Mokube, I., Adams, M.: Honeypots Concepts, Approaches, and Challenges. In: Proceedings of the 45th annual southeast regional conference, Winston-Salem, North Carolina, pp. 321–326 (2007)

    Google Scholar 

  5. Pavlou, K., Snodgrass, R.T.: Forensic Analysis of Database Tampering. In: Proceedings of the 2006 ACM SIGMOD International conference on Management of data, Chicago, IL, USA, pp. 109–120 (2006)

    Google Scholar 

  6. Ceri, S., Di Giunta, F., Lanzi, P.L.: Mining Constraint Violations. In: Proceedings of the 43rd annual Southeast regional conference, Kennesaw, Georgia, March 2007, vol. 2, pp. 1–32 (2007)

    Google Scholar 

  7. Hu, Y., Panda, B.: Identification of Malicious Transactions in Database Systems. In: Proceedings of the Seventh International Database Engineering and Applications Symposium (IDEAS 2003), pp. 1–7 (2003)

    Google Scholar 

  8. Yu, Z., Tsai, J.J.P., Weigert, T.: An Automatically Tuning Intrusion Detection System. IEEE Transactions On Systems, Man and Cybernetics, Cybernetics 37(2), 373–384 (2007)

    Article  Google Scholar 

  9. Bertino, E., Terzi, E., Kamra, A., Vakali, A.: Intrusion Detection in RBAC-administered Databases. In: Proceedings of the 21st Annual Computer Security Applications Conference 2005, pp. 170–182. IEEE, Los Alamitos (2005)

    Google Scholar 

  10. Lee, S.Y., Low, W.L., Wong, P.Y.: Learning Fingerprints for a Database Intrusion Detection System. In: Gollmann, D., Karjoth, G., Waidner, M. (eds.) ESORICS 2002. LNCS, vol. 2502, pp. 264–279. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  11. Rietta, F.S.: Application Layer Intrusion Detection for SQL Injection. In: ACM SE 2006, Melbourne, Florida, USA, March 10-12, pp. 531–536 (2006)

    Google Scholar 

  12. Li, Z., Dad, A., Zhou, J.: Theoretical Basis for Intrusion Detection. In: Proceedings of the 2005 IEEE, Workshop on Information Assurance and Security United States Military Academy, West Point, NY, pp. 184–192 (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science Engineering and Information Technology, Jaypee Institute of Information Technology University, Noida, 201307, India

    Bharat Gupta, Deepak Arora & Vishal Jha

Authors
  1. Bharat Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Deepak Arora
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Vishal Jha
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Computer Science Department, Georgia State University, 34 Peachtree Street, 30303, Atlanta, GA, USA

    Sushil K. Prasad

  2. Tata Research, Development and Design Center (TRDDC), Pune, India

    Harrick M. Vin

  3. CISE Department, CSE 301, University of Florida, FL 32611, Gainesville, USA

    Sartaj Sahni

  4. Management Development Institute (MDI), Mehrauli Road, Sukhrali, Gurgaon, India

    Mahadeo P. Jaiswal

  5. Dept. of Computer Engineering, King Mongkut’s University of Technology, Thonburi, 10140, Bangkok, Thailand

    Bundit Thipakorn

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gupta, B., Arora, D., Jha, V. (2010). An Anomaly Based Approach for Intrusion Detection by Authorized Users in Database Systems. In: Prasad, S.K., Vin, H.M., Sahni, S., Jaiswal, M.P., Thipakorn, B. (eds) Information Systems, Technology and Management. ICISTM 2010. Communications in Computer and Information Science, vol 54. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12035-0_35

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-12035-0_35

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-12034-3

  • Online ISBN: 978-3-642-12035-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation