Abstract
Information is considered to be the most valuable asset of any organization and hence, it should be securely maintained. However, rapid proliferation of the Internet and Web applications has increased the threat of information security breaches. Traditional database security mechanisms are often not sufficient to protect sensitive information against novel attacks. Intrusion detection systems (IDS) are used to detect any such intrusion, once traditional security mechanisms have been compromised. User-level profile is effective for database intrusion detection, but maintaining such profiles is not practical for an organization with a large number of users. Thus, an IDS needs to be flexible enough to choose a profile granularity according to the type of the organization. Further, only intra-transactional pattern matching for intrusion detection is not quite effective for detecting intrusion in a database. We propose an IDS that uses inter-transactional as well as intra-transactional features for intrusion detection. It supports selection of profile and transactional feature granularity as well. We use sequence alignment as a tool for comparing database access patterns of genuine users and intruders.
Similar content being viewed by others
References
Altschul S.F., Gish W., Miller W., Myers W., Lipman J.: Basic local alignment search tool. J. Mol. Biol. 215(3), 403–410 (1990)
Barbara, D., Goel, R., Jajodia, S.: Mining Malicious Data Corruption with Hidden Markov Models. In: Proceedings of the 16th annual IFIP WG 11.3 working conference on data and application security, pp. 175–189 (2002)
Ben-Natan R.: Implementing Database Security and Auditing, pp. 185–189. Elsevier Digital Press, Amsterdam (2005)
Bertino, E., Terzi, E., Kamra, A., Vakali, A.: Intrusion Detection in RBAC-Administered Databases. In: Proceedings of the 21st annual computer security applications conference (ACSAC), pp. 170–182 (2005)
Chung, C.Y., Gertz, M., Levitt, K.: DEMIDS: A Misuse Detection System for Database Systems. In: Proceedings of the integrity and internal control in information system, pp. 159–178 (1999)
Coull, S., Branch, J., Szymanski, B., Breimer, E.: Intrusion Detection: A Bioinformatics Approach. In: Proceedings of the annual computer security applications conference (ACSAC), pp. 24–33 (2003)
Heady, R., Luger, G., Maccabe, A., Servilla, M.: The Architecture of a Network Level Intrusion Detection System. Technical report, Computer Science Department, University of New Mexico (1990)
Hu, Y., Panda, B.: A Data Mining Approach for Database Intrusion Detection. In: Proceedings of the ACM symposium on applied computing, pp. 711–716 (2004)
Kou, C., Springsteel, F.: The Security Mechanism in the World Wide Web (WWW) and the Common Gateway Interface (CGI). In: Proceedings of the 31st IEEE international carnahan conference on security technology, pp. 114–119 (1997)
Lee, V., Stankovic, J., Son, S.: Intrusion Detection in Realtime Databases Via Time Signatures. In: Proceedings of the 6th IEEE real-time technology and applications symposium (RTAS), pp. 124–133 (2000)
Lee, S.Y., Low, W.L., Wong, P.Y.: Learning Fingerprints for a Database Intrusion Detection System. In: Proceedings of the 7th European symposium on research in computer security, pp. 264–280 (2002)
Needleman S.B., Wunsch C.D.: A general method applicable to the search for similarities in the amino acid sequence of two proteins. J. Mol. Biol. 48(3), 443–453 (1970)
Ning Z., Cox A.J., Mullikin J.C.: SSAHA: a fast search method for large DNA databases. Genome Res. 11(10), 1725–1729 (2001)
Pearson W.R., Lipman D.J.: Improved tools for biological sequence comparison. Proc. Natl. Acad. Sci. 85(8), 2444–2448 (1988)
Smith T.F., Waterman M.S.: Identification of common molecular subsequences. J. Mol. Biol. 147(1), 195–197 (1981)
Srivastava, A., Sural, S., Majumdar, A.K.: Weighted Intratransactional Rule Mining for Database Intrusion Detection. In: Proceedings of the Pacific-Asia knowledge discovery and data mining (PAKDD), lecture notes in artificial intelligence, Springer, pp. 611–620 (2006a)
Srivastava A., Sural S., Majumdar A.K.: Database intrusion detection using weighted sequence mining. J. Comput. 1(4), 8–17 (2006b)
Takeda, K.: The Application of Bioinformatics to Network Intrusion Detection. In: Proceedings of the international carnahan conference on security technology (CCST), pp. 130–132 (2005)
Telemedicine application, Indian Institute of Technology, Kharagpur, India. http://www.telemedik.iitkgp.ernet.in
Transaction processing performance council, TPC-W: a transactional web e-commerce benchmark. http://www.tpc.org/tpcw/default.asp
Wenhui, S., Tan, T.: A Novel Intrusion Detection System Model for Securing Web-Based Database Systems. In: Proceedings of the 25th annual international computer software and applications conference (COMPSAC), pp. 249–254 (2001)
Zhong, Y., Qin, X.: Database Intrusion Detection Based on User Query Frequent Itemsets Mining with Item Constraints. In: Proceeding of the 3rd international conference on information security, pp. 224–225 (2004)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Kundu, A., Sural, S. & Majumdar, A.K. Database intrusion detection using sequence alignment. Int. J. Inf. Secur. 9, 179–191 (2010). https://doi.org/10.1007/s10207-010-0102-5
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-010-0102-5