About | Contact Us | Register | Login
ProceedingsSeriesJournalsSearchEAI
2nd International ICST Conference on Scalable Information Systems

Research Article

Fast Detection of Database System Abuse Behaviors Based on Data Mining Approach

Download748 downloads
Cite
BibTeX Plain Text
  • @INPROCEEDINGS{10.4108/infoscale.2007.916,
        author={Yubao Liu and Jiarong Cai and Zhilan Huang and Jingwen Yu and Jian Yin},
        title={Fast Detection of Database System Abuse Behaviors Based on Data Mining Approach},
        proceedings={2nd International ICST Conference on Scalable Information Systems},
        proceedings_a={INFOSCALE},
        year={2010},
        month={5},
        keywords={Data System Abuse Behaviors Access Profiles Maximal AccessProfiles FP-tree Anomaly-based Detection Model.},
        doi={10.4108/infoscale.2007.916}
    }
    
  • Yubao Liu
    Jiarong Cai
    Zhilan Huang
    Jingwen Yu
    Jian Yin
    Year: 2010
    Fast Detection of Database System Abuse Behaviors Based on Data Mining Approach
    INFOSCALE
    ICST
    DOI: 10.4108/infoscale.2007.916
Yubao Liu1,*, Jiarong Cai1,*, Zhilan Huang1,*, Jingwen Yu1,*, Jian Yin1,*
  • 1: Sun Yat-Sen University Department of Computer Science of Sun Yat-Sen University Guangzhou, China, 510275
*Contact email: liuyubao@mail.sysu.edu.cn, kelvin2004_cai@163.com, santahzl@gmail.com, yjw831@163.com, issjyin@mail.sysu.edu.cn

Abstract

Recently, the mining of system log datasets has be widely used in the system security application field such as the detection of abuse behaviors. At present, most of efforts concentrate on the network or operating system level. There are few works concentrated on database system application. In this paper, we present the concept of access profile to represent the user behavior characteristics of accessing database system and study the problem of mining maximal access profiles for fast detection of database system insider abuse behaviors by legitimate users. Based on the existing FP-tree structure, a new mining algorithm MMAP is presented for our problem. A new constraint of relation distance, which is based on the foreign key dependencies of relations, is also presented to reduce the mining algorithm search space. An anomaly-based detection model is build based on MMAP algorithm for performance experiments. The experimental results show that our approach works efficiently for detecting the abuse behaviors of database system.

Keywords
Data System Abuse Behaviors Access Profiles Maximal AccessProfiles FP-tree Anomaly-based Detection Model.
Published
2010-05-16
Modified
2011-09-11
http://dx.doi.org/10.4108/infoscale.2007.916
Copyright © 2007–2025 ICST
EBSCOProQuestDBLPDOAJPortico
EAI Logo

About EAI

  • Who We Are
  • Leadership
  • Research Areas
  • Partners
  • Media Center

Community

  • Membership
  • Conference
  • Recognition
  • Sponsor Us

Publish with EAI

  • Publishing
  • Journals
  • Proceedings
  • Books
  • EUDL