IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations
navleft navright Research IRM Open Access IRMA Journals IRM Books Proceedings Membership

The IRMA Community

Calls for Papers
Online Symposium
Newsletters

Research IRM

Click a keyword to search titles using our InfoSci-OnDemand powered search:

DBMS Log Analytics for Detecting Insider Threats in Contemporary Organizations

DBMS Log Analytics for Detecting Insider Threats in Contemporary Organizations
View Sample PDF
Author(s): Muhammad Imran Khan (Insight Centre for Data Analytics, Ireland), Simon N. Foley (IMT Atlantique, France)and Barry O'Sullivan (University College Cork, Ireland)
 Copyright: 2019
 Pages: 28
 Source title: Security Frameworks in Contemporary Electronic Government
Source Author(s)/Editor(s): Ryma Abassi (Carthage University, Tunisia)and Aida Ben Chehida Douss (Carthage University, Tunisia)
 DOI: 10.4018/978-1-5225-5984-9.ch010

Purchase

View DBMS Log Analytics for Detecting Insider Threats in Contemporary Organizations on the publisher's website for pricing and purchasing information.

Abstract

Insiders are legitimate users of a system; however, they pose a threat because of their granted access privileges. Anomaly-based intrusion detection approaches have been shown to be effective in the detection of insiders' malicious behavior. Database management systems (DBMS) are the core of any contemporary organization enabling them to store and manage their data. Yet insiders may misuse their privileges to access stored data via a DBMS with malicious intentions. In this chapter, a taxonomy of anomalous DBMS access detection systems is presented. Secondly, an anomaly-based mechanism that detects insider attacks within a DBMS framework is proposed whereby a model of normative behavior of insiders n-grams are used to capture normal query patterns in a log of SQL queries generated from a synthetic banking application system. It is demonstrated that n-grams do capture the short-term correlations inherent in the application. This chapter also outlines challenges pertaining to the design of more effective anomaly-based intrusion detection systems to detect insider attacks.

Related Content

Azeem Khan, Noor Zaman Jhanjhi, Dayang Hajah Tiawa Binti Awang Haji Hamid, Haji Abdul Hafidz bin Haji Omar. © 2024. 30 pages.
Siva Raja Sindiramutty, Chong Eng Tan, Sei Ping Lau, Rajan Thangaveloo, Abdalla Hassan Gharib, Amaranadha Reddy Manchuri, Navid Ali Khan, Wee Jing Tee, Lalitha Muniandy. © 2024. 67 pages.
Ruchi Doshi, Kamal Kant Hiran. © 2024. 16 pages.
N. Ambika. © 2024. 9 pages.
Siva Raja Sindiramutty, Wee Jing Tee, Sumathi Balakrishnan, Sukhminder Kaur, Rajan Thangaveloo, Husin Jazri, Navid Ali Khan, Abdalla Gharib, Amaranadha Reddy Manchuri. © 2024. 54 pages.
Azeem Khan, NZ Jhanjhi, Dayang Hajah Tiawa Binti Awang Haji Hamid, Haji Abdul Hafidz bin Haji Omar. © 2024. 22 pages.
Azeem Khan, Noor Zaman Jhanjhi, Dayang Hajah Tiawa Binti Awang Haji Hamid, Haji Abdul Hafidz bin Haji Omar. © 2024. 36 pages.
IRMA Offers Over 2,500 Full Text Open Access Research Papers for Free Download Click to Start Searching Free IRM Research!

IRMA Sponsors

Sponsor IGI Global

Sponsor eContentPro

Encyclopedia of Information Science and Technology, Fourth Edition
Body Bottom
About Us | Contact | Sitemap | Legal | Policies
Copyright ©2024, Information Resources Management Association. 701 East Chocolate Avenue, Hershey, PA 17033.