Process mining and security: Visualization in database intrusion detection

Viet Huynh, An N T Le

Research output: Chapter in Book/Report/Conference proceedingConference PaperResearchpeer-review

5 Citations (Scopus)

Abstract

Nowadays, more and more organizations keep their valuable and sensitive data in Database Management Systems (DBMSs). The traditional database security mechanisms such as access control mechanisms, authentication, data encryption technologies do not offer a strong enough protection against the exploitation of vulnerabilities (e.g. intrusions) in DBMSs from insiders. Intrusion detection systems recently proposed in the literature focus on statistical approaches, which are not intuitive. Our research is the first ever effort to use process mining modeling low-level event logs for database intrusion detection. We have proposed a novel approach for visualizing database intrusion detection using process mining techniques. Our experiments showed that intrusion detection visualization will be able to help security officers who might not know deeply the complex system, identify the true positive detection and eliminate the false positive results.

Original languageEnglish
Title of host publicationIntelligence and Security Informatics
Subtitle of host publicationPacific Asia Workshop, PAISI 2012, Proceedings
Place of PublicationGermany
PublisherSpringer
Pages81-95
Number of pages15
ISBN (Electronic)978-3-642-30428-6
ISBN (Print)978-3-642-30427-9
DOIs
Publication statusPublished - 18 Jun 2012
Externally publishedYes
EventPacific Asia Workshop on Intelligence and Security Informatics (PAISI) 2012 - Kuala Lumpur, Malaysia
Duration: 29 May 201229 May 2012
https://link.springer.com/book/10.1007/978-3-642-30428-6 (Proceedings)

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume7299 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Workshop

WorkshopPacific Asia Workshop on Intelligence and Security Informatics (PAISI) 2012
Abbreviated titlePAISI 2012
Country/TerritoryMalaysia
CityKuala Lumpur
Period29/05/1229/05/12
Internet address

Keywords

  • conformance
  • database intrusion detection
  • event log
  • intrusion detection
  • intrusion detection visualization
  • Process mining
  • security

Cite this