Mechanisms for database intrusion detection and response

Ashish Kamra, Elisa Bertino, Guy Lebanon
2008 Proceedings of the 2nd SIGMOD PhD workshop on Innovative database research - IDAR '08  
Data represent today a valuable asset for companies and organizations and must be protected. Most of an organization's sensitive and proprietary data resides in a Database Management System (DBMS). The focus of this thesis is to develop advanced security solutions for protecting the data residing in a DBMS. Our strategy is to develop an Intrusion Detection (ID) mechanism, implemented within the database server, that is capable of detecting anomalous user requests to a DBMS. The key idea is to
more » ... he key idea is to learn profiles of users and applications interacting with a database. A database request that deviates from these profiles is then termed as anomalous. A major component of this work involves prototype implementation of this ID mechanism in the Post-greSQL database server. We also propose to augment the ID mechanism with an Intrusion Response engine that is capable of issuing an appropriate response to an anomalous database request.
doi:10.1145/1410308.1410318 fatcat:6kdk22xvojhbpizhmzqau4w7te