Research Article

Database Security Protection based on a New Mechanism

by Amira Rezk, H. A. Ali, S. I. Barakat
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 49 - Number 19
Year of Publication: 2012
DOI: 10.5120/7879-1188

Amira Rezk, H. A. Ali, S. I. Barakat. Database Security Protection based on a New Mechanism. International Journal of Computer Applications. 49, 19 (July 2012), 32-38. DOI=10.5120/7879-1188

@article{ 10.5120/7879-1188,
author = { Amira Rezk, H. A. Ali, S. I. Barakat },
title = { Database Security Protection based on a New Mechanism },
journal = { International Journal of Computer Applications },
issue_date = { July 2012 },
volume = { 49 },
number = { 19 },
month = { July },
year = { 2012 },
issn = { 0975-8887 },
pages = { 32-38 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume49/number19/7879-1188/ },
doi = { 10.5120/7879-1188 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

Database security is an important issue that deserves researchers' full attention. Even when traditional security mechanisms are applied, databases are still violated by both external and internal users. Researchers have therefore developed Database Intrusion Detection Systems (DBIDS) to detect an intrusion as soon as it occurs and counteract its malicious effects. Previous work developed the DBIDS as a third-party product isolated from the DBMS security functions, especially access control. The lack of coordination and interoperation between these two components prevents detecting and responding to ongoing attacks in real time, and it causes a high false alarm rate. In addition, one of the approaches used to build a profile is the data dependency model. Although this model is sufficient and suited to the nature of databases, it suffers from a high false alarm rate, so it needs enhancement to keep its benefits and eliminate its drawbacks. This paper aims to strengthen database security by applying a DBIDS. To achieve this goal, it develops an efficient IDS for databases and integrates it with the DBMS so that the different parts of the security system cooperate and complement each other. The experiments show that the proposed model is an efficient DBIDS with a minimum false positive rate (nearly zero %) and a maximum true positive rate (nearly 100%). Moreover, it is based on a novel method to build an accurate normal user profile and integrate it with access control.

Index Terms

Computer Science
Information Sciences

Keywords

Database security, Intrusion detection, Data dependency, Access control