2010
DOI: 10.1007/978-3-642-15512-3_20
|View full text |Cite
|
Sign up to set email alerts
|

A Data-Centric Approach to Insider Attack Detection in Database Systems

Abstract: Abstract. The insider threat against database management systems is a dangerous security problem. Authorized users may abuse legitimate privileges to masquerade as another user or to maliciously harvest data. We propose a new direction to address the problem. We model users' access patterns by profiling the data points that users access, in contrast to analyzing the query expressions in prior approaches. Our data-centric approach is based on the key observation that query syntax alone is a poor discriminator o… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
83
0

Year Published

2012
2012
2021
2021

Publication Types

Select...
6
2
2

Relationship

0
10

Authors

Journals

citations
Cited by 119 publications
(83 citation statements)
references
References 33 publications
0
83
0
Order By: Relevance
“…Among the most relevant works, Kamra et al [29] and Mathew et al [30] focus on the analysis of anomalous commands executed on databases. In particular, they proposed a syntax analysis system to detect anomalous queries; the former analyzed the submitted SQL queries, while the latter focused on data retrieved from queries.…”
Section: Informationmentioning
confidence: 99%
“…Among the most relevant works, Kamra et al [29] and Mathew et al [30] focus on the analysis of anomalous commands executed on databases. In particular, they proposed a syntax analysis system to detect anomalous queries; the former analyzed the submitted SQL queries, while the latter focused on data retrieved from queries.…”
Section: Informationmentioning
confidence: 99%
“…Mathew et al [15] proposed a methodology to address the problem of threats by an insider by presenting a feature extraction method to model users' access patterns. This paper emphasizes users' access patterns by profiling the data points that users' access.…”
Section: "A Data-centric Approach To Insider Attack Detection In Datamentioning
confidence: 99%
“…Semantic-based: interested with what the user is trying to access -the result of the query itself -rather than how he expresses it. [14] Introduces a data centric approach in which a user profile is built on what he accesses (i.e. the semantic of the query).…”
Section: Related Workmentioning
confidence: 99%