针对入侵检测的数据库应用行为监控

2006 12th Pacific Rim International Symposium on Dependable Computing (PRDC'06) Pub Date : 2006-12-18 DOI:10.1109/PRDC.2006.46

J. Fonseca, M. Vieira, H. Madeira

{"title":"针对入侵检测的数据库应用行为监控","authors":"J. Fonseca, M. Vieira, H. Madeira","doi":"10.1109/PRDC.2006.46","DOIUrl":null,"url":null,"abstract":"Database management systems (DBMS) represent the ultimate layer in preventing malicious data access or corruption and implement several security mechanisms to protect data. However these mechanisms cannot always stop malicious users from accessing data by exploiting system vulnerabilities. The aim of this paper is to propose an intrusion detection mechanism for DBMS to fill this gap. Our approach consists of a comprehensive representation of user database utilization profiles to perform concurrent intrusion detection. Prior to the detection it is necessary to define and learn these utilization profiles. Profiles are defined using a three level abstraction and learned directly from monitoring the database utilization in real conditions. The proposed mechanism is generic and can be easily implemented in commercial and open-source DBMS","PeriodicalId":314915,"journal":{"name":"2006 12th Pacific Rim International Symposium on Dependable Computing (PRDC'06)","volume":"43 12","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-12-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Monitoring Database Application Behavior for Intrusion Detection\",\"authors\":\"J. Fonseca, M. Vieira, H. Madeira\",\"doi\":\"10.1109/PRDC.2006.46\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Database management systems (DBMS) represent the ultimate layer in preventing malicious data access or corruption and implement several security mechanisms to protect data. However these mechanisms cannot always stop malicious users from accessing data by exploiting system vulnerabilities. The aim of this paper is to propose an intrusion detection mechanism for DBMS to fill this gap. Our approach consists of a comprehensive representation of user database utilization profiles to perform concurrent intrusion detection. Prior to the detection it is necessary to define and learn these utilization profiles. Profiles are defined using a three level abstraction and learned directly from monitoring the database utilization in real conditions. The proposed mechanism is generic and can be easily implemented in commercial and open-source DBMS\",\"PeriodicalId\":314915,\"journal\":{\"name\":\"2006 12th Pacific Rim International Symposium on Dependable Computing (PRDC'06)\",\"volume\":\"43 12\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-12-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2006 12th Pacific Rim International Symposium on Dependable Computing (PRDC'06)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/PRDC.2006.46\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 12th Pacific Rim International Symposium on Dependable Computing (PRDC'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/PRDC.2006.46","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

数据库管理系统(DBMS)代表了防止恶意数据访问或损坏的最终层，并实现了几种安全机制来保护数据。然而，这些机制并不总是能够阻止恶意用户利用系统漏洞访问数据。本文的目的是提出一种数据库管理系统的入侵检测机制来填补这一空白。我们的方法包括用户数据库利用概况的综合表示来执行并发入侵检测。在检测之前，有必要定义和了解这些利用率配置文件。概要文件是使用三层抽象定义的，并直接从监视实际条件下的数据库利用率中学习。所提出的机制是通用的，可以很容易地在商业和开源DBMS中实现

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Monitoring Database Application Behavior for Intrusion Detection

Database management systems (DBMS) represent the ultimate layer in preventing malicious data access or corruption and implement several security mechanisms to protect data. However these mechanisms cannot always stop malicious users from accessing data by exploiting system vulnerabilities. The aim of this paper is to propose an intrusion detection mechanism for DBMS to fill this gap. Our approach consists of a comprehensive representation of user database utilization profiles to perform concurrent intrusion detection. Prior to the detection it is necessary to define and learn these utilization profiles. Profiles are defined using a three level abstraction and learned directly from monitoring the database utilization in real conditions. The proposed mechanism is generic and can be easily implemented in commercial and open-source DBMS

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2006 12th Pacific Rim International Symposium on Dependable Computing (PRDC'06)

自引率

0.00%

发文量