Weighted Intra-transactional Rule Mining for Database Intrusion Detection

Srivastava, Abhinav; Sural, Shamik; Majumdar, A. K.

doi:10.1007/11731139_71

Abhinav Srivastava²²,
Shamik Sural²² &
A. K. Majumdar²³

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 3918))

Included in the following conference series:

Pacific-Asia Conference on Knowledge Discovery and Data Mining

3064 Accesses
21 Citations

Abstract

Data mining is the non-trivial process of identifying novel, potentially useful and understandable patterns in data. With most of the organizations starting on-line operations, the threat of security breaches is increasing. Since a database stores a lot of valuable information, its security has become paramount. One mechanism to safeguard the information in these databases is to use an intrusion detection system(IDS). In every database, there are a few attributes or columns that are more important to be tracked or sensed for malicious modifications as compared to the other attributes. In this paper, we propose an intrusion detection algorithm named weighted data dependency rule miner (WDDRM) for finding dependencies among the data items. The transactions that do not follow the extracted data dependency rules are marked as malicious. We show that WDDRM handles the modification of sensitive attributes quite accurately.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Han, J., Kamber, M.: Data Mining: Concepts and Techniques. Morgan Kaufmann Publishers, San Francisco (2001)
MATH Google Scholar
Fayyad, U., Shapiro, G.P., Smyth, P.: The KDD Process for Extracting Useful Knowledge from Volumes of data. Communications of the ACM, 27–34 (1996)
Google Scholar
Bace, R., Mell, P.: Intrusion Detection System, NIST Special Publication on Intrusion Detection System (2001)
Google Scholar
Lundin, E., Jonsson, E.: Survey of Intrusion Detection Research, Technical Report Chalmers University of Technology (2002)
Google Scholar
Lee, W., Stolfo, S.J.: Data Mining Approaches for Intrusion Detection. In: Proceedings of the USENIX Security Symposium, pp. 79–94 (1998)
Google Scholar
Barbara, D., Couto, J., Jajodia, S., Wu, N.: ADAM: A Testbed for Exploring the Use of Data Mining in Intrusion detection. In: ACM SIGMOD, pp. 15–24 (2001)
Google Scholar
Chung, C.Y., Gertz, M., Levitt, K.: DEMIDS: A Misuse Detection System for Database Systems. In: IFIP TC 11 WG 11.5 Working Conference on Integrity and Internal Control in Info mation System, pp. 159–178 (1999)
Google Scholar
Lee, V.C.S., Stankovic, J.A., Son, S.H.: Intrusion Detection in Real-time Database Systems Via Time Signatures. In: Proceedings of the Real Time Technology and Application Symposium, pp. 124–133 (2000)
Google Scholar
Lee, S.Y., Low, W.L., Wong, P.Y.: Learning Fingerprints for a Database Intrusion Detection System. In: Gollmann, D., Karjoth, G., Waidner, M. (eds.) ESORICS 2002. LNCS, vol. 2502, pp. 264–280. Springer, Heidelberg (2002)
Chapter Google Scholar
Barbara, D., Goel, R., Jajodia, S.: Mining Malicious Data Corruption with Hidden Markov Models. In: IFIP WG 11.3 Working Conference on Data and Application Security, pp. 175–189 (2002)
Google Scholar
Zhong, Y., Qin, X.: Research on Algorithm of User Query Frequent Itemsets Mining. In: Proceedings of the Machine Learning and Cybernetics, pp. 1671–1676 (2004)
Google Scholar
Hu, Y., Panda, B.: A Data Mining Approach for Database Intrusion Detection. In: Proceedings of the ACM Symposium on Applied Computing, pp. 711–716 (2004)
Google Scholar
Julisch, K., Dacier, M.: Mining Intrusion Detection Alarms for Actionable Knowledge. In: Proceedings of the ACM SIGKDD Conference on Knowledge Discovery and Data Mining, pp. 366–375 (2002)
Google Scholar
Agrawal, R., Srikant, R.: Mining Sequential Patterns. In: Proceedings of the International Conference on Data Engineering, pp. 3–14 (1995)
Google Scholar

Download references

Author information

Authors and Affiliations

School of Information Technology, India
Abhinav Srivastava & Shamik Sural
Department of Computer Science & Engineering, Indian Institute of Technology, Kharagpur, India
A. K. Majumdar

Authors

Abhinav Srivastava
View author publications
You can also search for this author in PubMed Google Scholar
Shamik Sural
View author publications
You can also search for this author in PubMed Google Scholar
A. K. Majumdar
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Nanyang Technological University, Singapore
Wee-Keong Ng
Institute of Industrial Science, The University of Tokyo, 4-6-1 Komaba, Meguro-ku, 153-8505, Tokyo, Japan
Masaru Kitsuregawa
School of Computer Science and Technology, Heilongjiang University, China
Jianzhong Li
School of Computer Engineering, Nanyang Technological University, 639798, Singapore, Singapore
Kuiyu Chang

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Srivastava, A., Sural, S., Majumdar, A.K. (2006). Weighted Intra-transactional Rule Mining for Database Intrusion Detection. In: Ng, WK., Kitsuregawa, M., Li, J., Chang, K. (eds) Advances in Knowledge Discovery and Data Mining. PAKDD 2006. Lecture Notes in Computer Science(), vol 3918. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11731139_71

Download citation

DOI: https://doi.org/10.1007/11731139_71
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-33206-0
Online ISBN: 978-3-540-33207-7
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics