Abstract
Nowadays, more and more organizations keep their valuable and sensitive data in Database Management Systems (DBMSs). The traditional database security mechanisms such as access control mechanisms, authentication, data encryption technologies do not offer a strong enough protection against the exploitation of vulnerabilities (e.g. intrusions) in DBMSs from insiders. Intrusion detection systems recently proposed in the literature focus on statistical approaches, which are not intuitive. Our research is the first ever effort to use process mining modeling low-level event logs for database intrusion detection. We have proposed a novel approach for visualizing database intrusion detection using process mining techniques. Our experiments showed that intrusion detection visualization will be able to help security officers who might not know deeply the complex system, identify the true positive detection and eliminate the false positive results.
Original language | English |
---|---|
Title of host publication | Intelligence and Security Informatics |
Subtitle of host publication | Pacific Asia Workshop, PAISI 2012, Proceedings |
Place of Publication | Germany |
Publisher | Springer |
Pages | 81-95 |
Number of pages | 15 |
ISBN (Electronic) | 978-3-642-30428-6 |
ISBN (Print) | 978-3-642-30427-9 |
DOIs | |
Publication status | Published - 18 Jun 2012 |
Externally published | Yes |
Event | Pacific Asia Workshop on Intelligence and Security Informatics (PAISI) 2012 - Kuala Lumpur, Malaysia Duration: 29 May 2012 → 29 May 2012 https://link.springer.com/book/10.1007/978-3-642-30428-6 (Proceedings) |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 7299 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Workshop
Workshop | Pacific Asia Workshop on Intelligence and Security Informatics (PAISI) 2012 |
---|---|
Abbreviated title | PAISI 2012 |
Country/Territory | Malaysia |
City | Kuala Lumpur |
Period | 29/05/12 → 29/05/12 |
Internet address |
|
Keywords
- conformance
- database intrusion detection
- event log
- intrusion detection
- intrusion detection visualization
- Process mining
- security