Research Article
A Novel Clustering Algorithm for Database Anomaly Detection
@INPROCEEDINGS{10.1007/978-3-319-28865-9_45,
  author={Jinkun Geng and Daren Ye and Ping Luo and Pin Lv},
  title={A Novel Clustering Algorithm for Database Anomaly Detection},
  proceedings={Security and Privacy in Communication Networks. 11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers},
  proceedings_a={SECURECOMM},
  year={2016},
  month={2},
  keywords={Database anomaly detection, Database security, Cluster analysis, Privilege pattern},
  doi={10.1007/978-3-319-28865-9_45}
}
- Jinkun Geng
- Daren Ye
- Ping Luo
- Pin Lv
Year: 2016
SECURECOMM
Springer
DOI: 10.1007/978-3-319-28865-9_45
Abstract
As a main method in database intrusion detection, database anomaly detection should be able to detect users’ operational behaviours for timely prevention of possible attacks and for guarantee of database security. Aiming at this, we apply cluster analysis techniques to anomaly detection and propose a novel density-based clustering algorithm called DBCAPSIC, which is adopted to cluster database users according to their behavior types and behavior frequencies. Privilege patterns are extracted from the clusters and serve as a reference in anomaly detection. The simulation experiment proves that the algorithm can recognize the anomalous operations with few mistakes.