Insider Threat in Database Systems: Preventing Malicious Users' Activities in Databases

Chagarlamudi, Manideep; Panda, Brajendra; Hu, Yi

doi:10.1109/itng.2009.67

Cited by 28 publications

(22 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [10], SQL statements are summarized as regular expressions, which are then considered "fingerprints" for legitimate transactions. In [11,12,13], database transactions are represented by directed graphs describing execution paths (select, insert, delete etc.) and these are used for malicious data access detection.…”

Section: Related Workmentioning

confidence: 99%

Database Security Protection based on a New Mechanism

Rezk¹,

Ali²,

Barakat³

2012

IJCA

View full text Add to dashboard Cite

The database security is one of the important issues that should take a complete attention from researchers. Although applying the traditional security mechanisms, the database still violate from both of external and internal users. So, the researchers develop a Database Intrusion Detection System (DBIDS) to detect intrusion as soon as it occurs and override its malicious affects. The previous work developed a DBIDS as a third party product which is isolated from the DBMS security functions especially access controls. The lack of coordination and inter-operation between these two components prevent detecting and responding to ongoing attacks in real time, and, it causes high false alarm rate. On the other hand, one of the directions that are followed to build a profile is the data dependency model. Although this model is sufficient and related to the natural of database, it suffers from high false alarm rate. This means that it needs an enhancement to get its benefits and eliminate its drawbacks. This Paper aims to strengthen the database security via applying a DBID. To achieve this goal it develops an efficient IDS for DB and integrates it with DBMS for cooperation and completeness between the different parts in the security system. The experiments declare that the proposed model is an efficient DBIDS with a minimum false positive rate (nearly zero %) and maximum true positive rate (nearly 100%). Moreover, it is based on a novel method to build an accurate normal user profile and integrate it with access control. General TermsDatabase, Security.

show abstract

Section: Related Workmentioning

confidence: 99%

Database Security Protection based on a New Mechanism

Rezk¹,

Ali²,

Barakat³

2012

IJCA

View full text Add to dashboard Cite

show abstract

“…McCormick assesses the threat of confidential data leakage, focusing on its most virulent form --insider data theft attacks [16]. Chagarlamudi et al present a model that can prevent malicious insider activities at the database application level [17]. Jabbour and Menasce present the Insider Threat Security Architecture (ITSA) and a security scenario where privileged users can compromise the system that they protect, and they discuss ways in which that same scenario can be mitigated under the ITSA framework [18].…”

Section: Related Workmentioning

confidence: 99%

System Dynamics Based Insider Threats Modeling

Yang¹,

Wang²

2011

IJNSA

View full text Add to dashboard Cite

show abstract

“…For instance, consider the dependency constraints between the two attributes a 1 and a 2 , that says the value of a 2 must equal c 3 when a 1 is in the range c 1 and c 2 . And a 2 must equal c 4 when the value of a 1 is less than c 1 ; otherwise, the value of a 2 is c 5 , where c 1 , c 2 , c 3 , c 4 and c 5 are constants. We use Petri Nets [13] to construct a dependency graph that represents all types of dependencies as well as constraints.…”

Section: Using Petri Nets For Representing Constraints and Dependenciesmentioning

confidence: 99%

“…Suppose that figure 7 represents the NIDG of a relational database, where the attributes a 1 and a 5 are in the table T 1 , a 2 is in the table T 2 , and a 3 , a 4 and a 6 are in the table T 3 . Also, assume that the set of attributes to which the insider has direct access is {a 1 }.…”

Section: An Example Scenariomentioning

confidence: 99%

“…To the best of our knowledge, except what is presented in [3] and [4], no other research has been performed exclusively on insider threat in relational databases. In order to clearly understand the problem with insider threat in relational database systems, this paper explains various types of dependencies between relational database data items that can be used by insiders to launch their attacks.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Predicting and Preventing Insider Threat in Relational Database Systems

Yaseen

Panda

2010

Information Security Theory and Practices. Security and Privacy of Pervasive Systems and Smart Devices

Self Cite

View full text Add to dashboard Cite

Abstract. This paper investigates the problem of insider threat in relational database systems. It defines various types of dependencies as well as constraints on dependencies that may be used by insiders to infer unauthorized information. Furthermore, it introduces the Constraint and Dependency Graph (CDG), and the Dependency Matrix that are used to represent dependencies and constraints on them. Furthermore, it presents an algorithm for constructing insiders knowledge graph, which shows the knowledgebase of insiders. In addition, the paper introduces the Threat Prediction Graph (TPG) to predict and prevent insider threat.

show abstract

Insider Threat in Database Systems: Preventing Malicious Users' Activities in Databases

Cited by 28 publications

References 5 publications

Database Security Protection based on a New Mechanism

Database Security Protection based on a New Mechanism

System Dynamics Based Insider Threats Modeling

Predicting and Preventing Insider Threat in Relational Database Systems

Contact Info

Product

Resources

About