Abstract
This research analyzes the cost-effectiveness of a database intrusion detection system that uses dependencies among data items to detect malicious transactions. The model suggested in this paper considers three main factors: the quality of intrusion detection, the probability of intrusion, and the cost structure of the organization whose data is protected by the intrusion detection system. We developed a step-by-step approach that helps determine the optimal configuration, expressed by the response strategy and the threshold value. The experimental results show that our model is capable of finding the optimal configuration while taking the cost structure of an organization into consideration.
Research of Yermek Nugmanov and Brajendra Panda was supported in part by AFOSR under grant FA 9550-04-1-0429. Research of Yi Hu was supported in part by the KY NSF EPSCoR program.
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Nugmanov, Y., Panda, B., Hu, Y. (2009). Analysis of Data Dependency Based Intrusion Detection System. In: Gudes, E., Vaidya, J. (eds) Data and Applications Security XXIII. DBSec 2009. Lecture Notes in Computer Science, vol 5645. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03007-9_8
DOI: https://doi.org/10.1007/978-3-642-03007-9_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03006-2
Online ISBN: 978-3-642-03007-9
eBook Packages: Computer Science, Computer Science (R0)