A method of database intrusion detection based on adaptive model

Yin Zhao Li; Huai Zhi Yan; Jia Zhang; Hai Tao He

A method of database intrusion detection based on adaptive model

Yin Zhao Li, Huai Zhi Yan^*, Jia Zhang, Hai Tao He

^*Corresponding author for this work

School of Computer Science and Technology

Research output: Contribution to journal › Article › peer-review

1 Citation (Scopus)

Abstract

A method of database intrusion detection based on adaptive model is proposed. First, the conception of mini-support function and attribute distance are defined. Then, a new association algorithm based on defined conception is proposed to extract operating characteristics in time window. The value of mini-support function can be dynamically adjusted, so operating characteristics could be extracted more efficiently. Furthermore, hierarchical clustering algorithm is applied to produce dynamic clustering rule base. The intrusion could be judged by computing the distance between operating characteristics and cluster in rule base. In this way, the problem of judging 'sharp boundary' in current database intrusion detection system could be avoided. In the progress of intrusion detection, characteristics of normal operation are absorbed by rule base, and rule base is updated in time. The experimental results show that the intrusion be detected has a high correct rate and a low false rate.

Original language	English
Pages (from-to)	258-262
Number of pages	5
Journal	Beijing Ligong Daxue Xuebao/Transaction of Beijing Institute of Technology
Volume	32
Issue number	3
Publication status	Published - Mar 2012

Keywords

Association analysis
Cluster
Database security
Intrusion detection

Cite this

@article{fa51b71d30594599bb02cba7074976cc,

title = "A method of database intrusion detection based on adaptive model",

abstract = "A method of database intrusion detection based on adaptive model is proposed. First, the conception of mini-support function and attribute distance are defined. Then, a new association algorithm based on defined conception is proposed to extract operating characteristics in time window. The value of mini-support function can be dynamically adjusted, so operating characteristics could be extracted more efficiently. Furthermore, hierarchical clustering algorithm is applied to produce dynamic clustering rule base. The intrusion could be judged by computing the distance between operating characteristics and cluster in rule base. In this way, the problem of judging 'sharp boundary' in current database intrusion detection system could be avoided. In the progress of intrusion detection, characteristics of normal operation are absorbed by rule base, and rule base is updated in time. The experimental results show that the intrusion be detected has a high correct rate and a low false rate.",

keywords = "Association analysis, Cluster, Database security, Intrusion detection",

author = "Li, {Yin Zhao} and Yan, {Huai Zhi} and Jia Zhang and He, {Hai Tao}",

year = "2012",

month = mar,

language = "English",

volume = "32",

pages = "258--262",

journal = "Beijing Ligong Daxue Xuebao/Transaction of Beijing Institute of Technology",

issn = "1001-0645",

publisher = "Beijing Institute of Technology",

number = "3",

}

TY - JOUR

T1 - A method of database intrusion detection based on adaptive model

AU - Li, Yin Zhao

AU - Yan, Huai Zhi

AU - Zhang, Jia

AU - He, Hai Tao

PY - 2012/3

Y1 - 2012/3

N2 - A method of database intrusion detection based on adaptive model is proposed. First, the conception of mini-support function and attribute distance are defined. Then, a new association algorithm based on defined conception is proposed to extract operating characteristics in time window. The value of mini-support function can be dynamically adjusted, so operating characteristics could be extracted more efficiently. Furthermore, hierarchical clustering algorithm is applied to produce dynamic clustering rule base. The intrusion could be judged by computing the distance between operating characteristics and cluster in rule base. In this way, the problem of judging 'sharp boundary' in current database intrusion detection system could be avoided. In the progress of intrusion detection, characteristics of normal operation are absorbed by rule base, and rule base is updated in time. The experimental results show that the intrusion be detected has a high correct rate and a low false rate.

AB - A method of database intrusion detection based on adaptive model is proposed. First, the conception of mini-support function and attribute distance are defined. Then, a new association algorithm based on defined conception is proposed to extract operating characteristics in time window. The value of mini-support function can be dynamically adjusted, so operating characteristics could be extracted more efficiently. Furthermore, hierarchical clustering algorithm is applied to produce dynamic clustering rule base. The intrusion could be judged by computing the distance between operating characteristics and cluster in rule base. In this way, the problem of judging 'sharp boundary' in current database intrusion detection system could be avoided. In the progress of intrusion detection, characteristics of normal operation are absorbed by rule base, and rule base is updated in time. The experimental results show that the intrusion be detected has a high correct rate and a low false rate.

KW - Association analysis

KW - Cluster

KW - Database security

KW - Intrusion detection

UR - http://www.scopus.com/inward/record.url?scp=84861677760&partnerID=8YFLogxK

M3 - Article

AN - SCOPUS:84861677760

SN - 1001-0645

VL - 32

SP - 258

EP - 262

JO - Beijing Ligong Daxue Xuebao/Transaction of Beijing Institute of Technology

JF - Beijing Ligong Daxue Xuebao/Transaction of Beijing Institute of Technology

IS - 3

ER -

A method of database intrusion detection based on adaptive model

Abstract

Keywords

Other files and links

Fingerprint

Cite this