Abstract
In this paper, we propose an approach for detecting database privilege abuse in a Role Based Access Control (RBAC) administered database. The proposed approach extracts the data dependencies among the attributes of the relations in the database. The role based data dependency rule miner (RBDDRM) algorithm is used to mine role-wise data dependencies from the database log. These data dependencies are treated as role profiles, which are used to detect the misuse of privileges by database users.
Acknowledgment
This research work is supported by Institute Research Grant (Ref. No.: Dean (R&C)/1503/2013-14, dated: 17-02-2014) of S.V. National Institute of Technology Surat (Gujarat) 395007-India.
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Rao, U.P., Singh, N.K. (2015). Detection of Privilege Abuse in RBAC Administered Database. In: Arai, K., Kapoor, S., Bhatia, R. (eds) Intelligent Systems in Science and Information 2014. SAI 2014. Studies in Computational Intelligence, vol 591. Springer, Cham. https://doi.org/10.1007/978-3-319-14654-6_4
DOI: https://doi.org/10.1007/978-3-319-14654-6_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-14653-9
Online ISBN: 978-3-319-14654-6
eBook Packages: Engineering, Engineering (R0)