2nd International ICST Conference on Scalable Information Systems

Research Article

A Dubiety-Determining based Model for Database Cumulated Anomaly Intrusion

Download376 downloads
  • @INPROCEEDINGS{10.4108/infoscale.2007.220,
        author={Gang Lu and Junkai Yi and Kevin L\'{y}},
        title={A Dubiety-Determining based Model for Database Cumulated Anomaly Intrusion},
        proceedings={2nd International ICST Conference on Scalable Information Systems},
        proceedings_a={INFOSCALE},
        year={2010},
        month={5},
        keywords={Database security Intrusion detection Anomaly intrusion.},
        doi={10.4108/infoscale.2007.220}
    }
    
  • Gang Lu
    Junkai Yi
    Kevin Lü
    Year: 2010
    A Dubiety-Determining based Model for Database Cumulated Anomaly Intrusion
    INFOSCALE
    ICST
    DOI: 10.4108/infoscale.2007.220
Gang Lu1,*, Junkai Yi1,*, Kevin Lü2,*
  • 1: SIST, BUCT Beijing 100029, China
  • 2: Brunel University Uxbridge UB8 3PH, UK
*Contact email: sizheng@126.com, yijk@mail.buct.edu.cn, kevin.lu@brunel.ac.uk

Abstract

In this paper, the concept of Cumulated Anomaly is addressed, which describes a new type of database anomalies. A detection model, Dubiety-Determining Model (DDM), is proposed for it. The DDM can measure the dubiety degree of each database transaction quantitatively. We conducted experiments basing on the DDM. In our experiments, the DDM method calculates a real number for each audit record. That number is called dubiety degree, which indicates the possibility of being anomaly for each transaction. The experimental results demonstrate basic features, the feasibility, and the effectiveness of the method.