Article Preview
TopExisting research work on database intrusion detection has been considered from the literature since the beginning of the 1990s. In the last few years, a large number of efforts have been utilized in this framework due to the prevailing threat to databases. Most of the researches are based on anomaly intrusion detection which requires a reference model to profile the normal behavior of users that helps the DIDS in detecting intrusive activities.
Lee et al. considered the temporal objects to identify intrusions (V. C. S. Lee, Stankovic, & Son, 2000). Time semantics of temporal data objects are employed in the investigation for real-time intrusion detection. Barbara et al. used Hidden Markov Model and time series to build the behavioral model that captures the dynamic behavior of users (Barbará, Goel, & Jajodia, 2003). Lee et al. designed a signature-based DIDS to detect database intrusions by comparing incoming SQL statements against a set of genuine transaction fingerprints (S. Y. Lee, Low, & Wong, 2007). Hu et al. considers the data dependency relationship among the data item and mine them to detect intrusions (Hu & Panda, 2004). Srivastava et al. proposed data mining based DIDS that consider the sensitivity of attributes which are obtained by mining the existing weighted data dependency rules (Srivastava, Sural, & Majumdar, 2006). Bertino et al. utilized the concept of RBAC for the first time to model a variety of roles instead of individual user behaviors by mining the database log files (Bertino et al., 2005).