
D_DIPS: An Intrusion Prevention System for Database Security

  • Jiazhu Dai
  • Huaikou Miao
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3783)

Abstract

There is growing security concern over the increasing number of databases that are accessible through the Internet, because a variety of attacks succeed in fooling the existing database protection mechanisms in many applications. Defense-in-depth strategies such as intrusion prevention are urgently needed for database security. Most research on intrusion prevention focuses on preventing attacks on operating systems and computer networks; few efforts have been devoted to database intrusion prevention. The design and implementation of a database intrusion prevention system, D_DIPS, is presented. The goal of D_DIPS is to detect attacks caused by malicious transactions and cancel them in time, before they succeed. The D_DIPS prototype shows that D_DIPS can detect and stop attacks by malicious transactions in real time with a low false alarm rate.



Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Jiazhu Dai (1)
  • Huaikou Miao (1)
  1. College of Computer Science and Engineering, Shanghai University, Shanghai, P.R. China
