Insider Usually Harder to defend Intrusion Detection and Containment in Database Systems 3.pdf
- 1、本文档共20页,可阅读全部内容。
- 2、原创力文档(book118)网站文档一经付费(服务费),不意味着购买了该文档的版权,仅供个人/单位学习、研究之用,不得用于商业用途,未经授权,严禁复制、发行、汇编、翻译或者网络传播等,侵权必究。
- 3、本站所有内容均由合作方或网友上传,本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺!文档内容仅供研究参考,付费前请自行鉴别。如您付费,意味着您自己接受本站规则且自行承担风险,本站不退款、不进行额外附加服务;查看《如何避免下载的几个坑》。如果您已付费下载过本站文档,您可以点击 这里二次下载。
- 4、如文档侵犯商业秘密、侵犯著作权、侵犯人身权等,请点击“版权申诉”(推荐),也可以打举报电话:400-050-0827(电话支持时间:9:00-18:30)。
查看更多
Insider Usually Harder to defend Intrusion Detection and Containment in Database Systems 3
Intrusion Detection and Containment
in Database Systems
Abhijit Bhosale
M.Tech (IT)
School of Information Technology,
IIT Kharagpur
1 Nov 2004
Intrusion Detection and Containment
in Database Systems 2
Topics
Intrusion and Intrusion Detection
Intrusion Detection in Database Systems
Data Mining Approach
Intrusion Detection in Real-time Database Systems
Misuse Detection System for Database Systems
Recovery from Malicious Transactions
Malicious Activity Recovery Transaction (MART)
Repair using Transaction Dependency Graph
1 Nov 2004
Intrusion Detection and Containment
in Database Systems 3
Intrusion
Intrusion:
The act of wrongfully entering upon, seizing, or taking
possession of the property of another
Types of Attacks
? Outsider : Can be defended using physical protection and
strong network security mechanisms.
? Insider : Usually Harder to defend
1 Nov 2004
Intrusion Detection and Containment
in Database Systems 4
Intrusion Detection
Detection Techniques
Misuse Detection
? Detect know patterns of intrusions
Anomaly Detection
? Suspect the anomalous behaviors
1 Nov 2004
Intrusion Detection and Containment
in Database Systems 5
Intrusion Detection in
Databases
Under threat by insider attacks
Intruders get access to database
by employing SQL Injection to poorly coded web-based
applications or
by stealing password of legitimate user
Very few existing misuse detection systems have
concepts of misuse detection in database
systems
1 Nov 2004
Intrusion Detection and Containment
in Database Systems 6
Data Mining Approach
Proposed by Yi Hu and Brajendra Panda
Uses data dependencies (access correlation)
among the data items to generate association
rules
The rules give dependency of read/write
operations of some items on write operations of
some items
Less sensitive to user behavior changes
1 Nov 2004
Intrusion Detection and Containment
in Database Systems 7
Data Mining Approach (cont.)
Definitions
Sequence: It’s an ordered list of read and/or write ope
您可能关注的文档
- Hearing Conversation Training Material.ppt
- HearNPVP26蛋白的结构解析.docx
- Heart rate variability in free diving athletes..pdf
- Heat Shock Protein 70 Is Induced in Mouse Human Colon.pdf
- Heat shock-mediated APX gene expression and protection against chilling injury in rice seedlings.pdf
- Heat shock proteins in whiteflies, an insect that accumulates sorbitol in response to heat stress..pdf
- Heat shock proteins in cancer.pdf
- Heathrow_T5_Map.pdf
- Heattransfer and pressure drop correlations for the rectangular offsetstripfin compact heatexchanger.pdf
- Heavy Meson Description with a Screened Potential.pdf
文档评论(0)