Insider Threat in Database Systems: Preventing Malicious Users' Activities in Databases

被引：18

作者：

Chagarlamudi, Manideep ^{[1
]}

Panda, Brajendra ^{[1
]}

Hu, Yi ^{[2
]}

机构：

[1] Univ Arkansas, Dept Comp Sci & Comp Engn, Fayetteville, AR 72701 USA

[2] Northern Kentucky Univ, Dept Comp Sci, Highland Hts, KY 41099 USA

来源：

PROCEEDINGS OF THE 2009 SIXTH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY: NEW GENERATIONS, VOLS 1-3 | 2009年

关键词：

D O I：

10.1109/ITNG.2009.67

中图分类号：

TP18 [人工智能理论];

学科分类号：

081104 ; 0812 ; 0835 ; 1405 ;

摘要：

Existing database misuse detection systems are not well equipped to identify malicious activities carried out by legitimate users of the system. In this paper we present a model that can prevent malicious insider activities at the database application level. Our model is based on user tasks, each of which maps to several transactions. An implementation-oriented approach is described to validate these tasks as they are executed by authenticated users. Using simulation analysis we demonstrate the effectiveness of our method.

引用

页码：1616 / +

页数：2

共 10 条

[1]

ANDERSON RH, 2000, P RAND CORP WORKSH H

[2] Towards a theory of insider threat assessment [J].

Chinchani, R ;

Iyer, A ;

Ngo, HQ ;

Upadhyaya, S .

2005 INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS, PROCEEDINGS, 2005, :108-117

[3]

CHUNG CY, 1999, IICIS, P159

[4]

GANDHI M, 2005, THESIS U CALIFORNIA

[5]

HO P, 2004, THESIS U CALIFORNIA

[6]

HU Y, 2004, P 5 ANN IEEE INF ASS

[7]

Hu Y, 2003, P 7 INT DAT ENG APPL

[8] Database security and privacy [J].

Jajodia, S .

ACM COMPUTING SURVEYS, 1996, 28 (01) :129-131

[9] PETRI NETS - PROPERTIES, ANALYSIS AND APPLICATIONS [J].

MURATA, T .

PROCEEDINGS OF THE IEEE, 1989, 77 (04) :541-580

[10]

Park J., 2006, ICEMS SESS LS2D, P7

← 1 →