Skip to main content
SpringerLink
Log in

Database intrusion detection using sequence alignment

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Information is considered to be the most valuable asset of any organization and hence, it should be securely maintained. However, rapid proliferation of the Internet and Web applications has increased the threat of information security breaches. Traditional database security mechanisms are often not sufficient to protect sensitive information against novel attacks. Intrusion detection systems (IDS) are used to detect any such intrusion, once traditional security mechanisms have been compromised. User-level profile is effective for database intrusion detection, but maintaining such profiles is not practical for an organization with a large number of users. Thus, an IDS needs to be flexible enough to choose a profile granularity according to the type of the organization. Further, only intra-transactional pattern matching for intrusion detection is not quite effective for detecting intrusion in a database. We propose an IDS that uses inter-transactional as well as intra-transactional features for intrusion detection. It supports selection of profile and transactional feature granularity as well. We use sequence alignment as a tool for comparing database access patterns of genuine users and intruders.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Altschul S.F., Gish W., Miller W., Myers W., Lipman J.: Basic local alignment search tool. J. Mol. Biol. 215(3), 403–410 (1990)

    Google Scholar 

  2. Barbara, D., Goel, R., Jajodia, S.: Mining Malicious Data Corruption with Hidden Markov Models. In: Proceedings of the 16th annual IFIP WG 11.3 working conference on data and application security, pp. 175–189 (2002)

  3. Ben-Natan R.: Implementing Database Security and Auditing, pp. 185–189. Elsevier Digital Press, Amsterdam (2005)

    Google Scholar 

  4. Bertino, E., Terzi, E., Kamra, A., Vakali, A.: Intrusion Detection in RBAC-Administered Databases. In: Proceedings of the 21st annual computer security applications conference (ACSAC), pp. 170–182 (2005)

  5. Chung, C.Y., Gertz, M., Levitt, K.: DEMIDS: A Misuse Detection System for Database Systems. In: Proceedings of the integrity and internal control in information system, pp. 159–178 (1999)

  6. Coull, S., Branch, J., Szymanski, B., Breimer, E.: Intrusion Detection: A Bioinformatics Approach. In: Proceedings of the annual computer security applications conference (ACSAC), pp. 24–33 (2003)

  7. Heady, R., Luger, G., Maccabe, A., Servilla, M.: The Architecture of a Network Level Intrusion Detection System. Technical report, Computer Science Department, University of New Mexico (1990)

  8. Hu, Y., Panda, B.: A Data Mining Approach for Database Intrusion Detection. In: Proceedings of the ACM symposium on applied computing, pp. 711–716 (2004)

  9. Kou, C., Springsteel, F.: The Security Mechanism in the World Wide Web (WWW) and the Common Gateway Interface (CGI). In: Proceedings of the 31st IEEE international carnahan conference on security technology, pp. 114–119 (1997)

  10. Lee, V., Stankovic, J., Son, S.: Intrusion Detection in Realtime Databases Via Time Signatures. In: Proceedings of the 6th IEEE real-time technology and applications symposium (RTAS), pp. 124–133 (2000)

  11. Lee, S.Y., Low, W.L., Wong, P.Y.: Learning Fingerprints for a Database Intrusion Detection System. In: Proceedings of the 7th European symposium on research in computer security, pp. 264–280 (2002)

  12. Needleman S.B., Wunsch C.D.: A general method applicable to the search for similarities in the amino acid sequence of two proteins. J. Mol. Biol. 48(3), 443–453 (1970)

    Article  Google Scholar 

  13. Ning Z., Cox A.J., Mullikin J.C.: SSAHA: a fast search method for large DNA databases. Genome Res. 11(10), 1725–1729 (2001)

    Article  Google Scholar 

  14. Pearson W.R., Lipman D.J.: Improved tools for biological sequence comparison. Proc. Natl. Acad. Sci. 85(8), 2444–2448 (1988)

    Article  Google Scholar 

  15. Smith T.F., Waterman M.S.: Identification of common molecular subsequences. J. Mol. Biol. 147(1), 195–197 (1981)

    Article  Google Scholar 

  16. Srivastava, A., Sural, S., Majumdar, A.K.: Weighted Intratransactional Rule Mining for Database Intrusion Detection. In: Proceedings of the Pacific-Asia knowledge discovery and data mining (PAKDD), lecture notes in artificial intelligence, Springer, pp. 611–620 (2006a)

  17. Srivastava A., Sural S., Majumdar A.K.: Database intrusion detection using weighted sequence mining. J. Comput. 1(4), 8–17 (2006b)

    Google Scholar 

  18. Takeda, K.: The Application of Bioinformatics to Network Intrusion Detection. In: Proceedings of the international carnahan conference on security technology (CCST), pp. 130–132 (2005)

  19. Telemedicine application, Indian Institute of Technology, Kharagpur, India. http://www.telemedik.iitkgp.ernet.in

  20. Transaction processing performance council, TPC-W: a transactional web e-commerce benchmark. http://www.tpc.org/tpcw/default.asp

  21. Wenhui, S., Tan, T.: A Novel Intrusion Detection System Model for Securing Web-Based Database Systems. In: Proceedings of the 25th annual international computer software and applications conference (COMPSAC), pp. 249–254 (2001)

  22. Zhong, Y., Qin, X.: Database Intrusion Detection Based on User Query Frequent Itemsets Mining with Item Constraints. In: Proceeding of the 3rd international conference on information security, pp. 224–225 (2004)

Download references

Author information

Authors and Affiliations

  1. School of Information Technology, Indian Institute of Technology, Kharagpur, India

    Amlan Kundu & Shamik Sural

  2. Department of Computer Science & Engineering, Indian Institute of Technology, Kharagpur, India

    A. K. Majumdar

Authors
  1. Amlan Kundu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shamik Sural
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. A. K. Majumdar
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shamik Sural.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Kundu, A., Sural, S. & Majumdar, A.K. Database intrusion detection using sequence alignment. Int. J. Inf. Secur. 9, 179–191 (2010). https://doi.org/10.1007/s10207-010-0102-5

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-010-0102-5

Keywords

Search

Navigation