Controlling the False Alarm in an Intrusion Tolerant Database System Using Significance Degrees of Data Objects

Volume 13, Issue 3, pp 212-225 http://dx.doi.org/10.22436/jmcs.013.03.03

Download PDF

Download XML

• Export citations
  • CITATIONS & REFERENCES
  • EndNote (.ENW)
  • Mendeley, JabRef (.BIB)
  • Papers, Zotero, Reference Manager, RefWorks (.RIS)
  • ARTICLE CITATION
  • EndNote (.ENW)
  • Mendeley, JabRef (.BIB)
  • Papers, Zotero, Reference Manager, RefWorks (.RIS)
  • REFERENCES
  • EndNote (.ENW)
  • Mendeley, JabRef (.BIB)
  • Papers, Zotero, Reference Manager, RefWorks (.RIS)

• 2001 Downloads
• 3420 Views

Authors

Zeinab Falahizar - Computer Engineering Department, Islamic Azad University, Science and Research Branch, Tehran, Iran. Mohsen Rohani - Computer Engineering Department, Islamic Azad University, South Tehran Branch, Tehran, Iran. Alireza Falahizar - Computer Engineering Department, Islamic Azad University, Science and Research Branch, Tehran, Iran.

Abstract

Traditional database security mechanisms focus on either protection or prevention. However, in practice all attacks are not avoidable. To solve this problem, Intrusion Tolerant Database Systems (ITDBs) were introduced. An ITDB uses new generation database security mechanisms to guarantee specified levels of data availability, integrity and confidentiality in the presence of successful attacks. A key part of an ITDB is the intrusion detection (ID) which informs the system about attacks. One of the problems in using ID is the false alarm that will lead to the reduction of the “availability” or “integrity”. This paper presents an intelligent method to control false alarm. In this method, we will use the significance degrees of data objects to determine the anomaly threshold adaptively, as the “availability” and “integrity” required by the data objects are satisfied.

Share and Cite

Keywords

• Database Security
• Intrusion Tolerance
• Intrusion Detection
• false alarm
• anomaly threshold
• adaptive controller.

MSC

•  68P15
•  68P05

References

• [1] C. Kruegel, G. Vigna , Anomaly detection of web-based attacks , In CCS’03, , Washington, USA,October, (2003), 251–261
  • View Article
  • Google Scholar


• [2] T. Ryutov, C. Neuman, D. Kim, L. Zhou , Integrated access control and intrusion detection for web servers, IEEE Transactions on Parallel and Distributed Systems, 14(9) (2003), 814–850
  • View Article
  • Google Scholar


• [3] P. Liu, Architectures for intrusion tolerant database systems, Proc. 2002 Annual Computer Security Applications Conference, (2002), 311-320.
  • View Article
  • Google Scholar


• [4] P. Luenam, P. Liu , The design of an adaptive intrusion tolerant database system, InProc. IEEE Workshop on Intrusion Tolerant Systems, (2002)
  • Google Scholar


• [5] P. Liu, J. Jing, P. Luenam, Y. Wang, L. Li, S. Ingsriswang, The Design and Implementation of a Self-Healing Database System , Journal of Intelligent Information Systems, 23 (3) (2004), 247-269
  • View Article
  • Google Scholar
  • MATH


• [6] T. Lunt , A survey of intrusion detection techniques, Computers & Security, 12(4) (1993), 405–18
  • View Article
  • Google Scholar


• [7] F. S. Rietta, Application layer intrusion detection for sql injection, In ACM-SE 44: Proc. 44th annual Southeast regional conference, ACM Press, New York, NY, USA, (2006), 531–536
  • View Article
  • Google Scholar


• [8] C. Y. Chung, M. Gertz, K. Levitt. Demids, A misuse detection system for database systems , In 14th IFIPWG11.3 Working Conference on Database and Application Security, (2000)
  • View Article
  • Google Scholar


• [9] S. Stolfo, D. Fan, W. Lee, Credit card fraud detection using meta-learning: Issues and initial results, In AAAI Workshop on AI Approaches to Fraud Detection and Risk Management, (1997)
  • Google Scholar


• [10] P. Liu, H. Wang, L. Li , Real-time data attack isolation for commercial database applications, Elsevier Journal of Network and Computer Applications, 29(4) (2006), 294–320
  • View Article
  • Google Scholar


• [11] P. Liu, S. Jajodia , Multi-phase damage confinement in database systems for intrusion tolerance, In Proc. 14th IEEE Computer Security Foundations Workshop, Nova Scotia , Canada (2001)
  • Google Scholar


• [12] Z. Falahiazar, M. Rohani, The architecture of an intrusion tolerant database system, International Conference onEducational and Information Technology, (2010)
  • View Article
  • Google Scholar


• [13] TPC BenchmarkTM C. , , http://www.tpc.org/tpcc/., ()
  • Google Scholar


• [14] P. Luenam, P. Liu, A. F. Norcio, Adaptive Intrusion Tolerant Database Systems, VDM VERLAG DR. MULLER, Germany (2008)
  • Google Scholar


• [15] J. Freeman, D. Skapura , Neural Networks: Algorithms, applications and programming techniques , Addison-Wesley, Reading, MA (1991)
  • Google Scholar
  • MATH


• [16] S. HAYKIN , Neural Networks: A Comprehensive Foundation, second edition. Prentice Hall 1999. Chapter 4 Multilayer Perceptrons, (1999), 156−255.
  • Google Scholar


• [17] DE. Rumelhart, GE. Hinton, RJ. Williams , Learning internal representations by error propagation, In: Rumelhart DE, McClelland JL (eds). Parallel Distributed Processing, Vol. I. MIT Press, Cambridge ()
  • Google Scholar


• [18] Madan M. Gupta, Liang Jin, Noriyasu Homma, Static and Dynamic Neural Networks From Fundamentals to Advanced Theory, chapter 4, John Wiley & Sons. , (2003)
  • Google Scholar


• [19] Oliver Nelles , Nonlinear System Identification From Classical Approaches to Neural Networks and Fuzzy Models, chapter 11, Springer, Verlag Berlin Heidelberg (2001)
  • Google Scholar
  • MATH


• [20] Martin T. Hagan, HowllId B. Demuth, Neural Network design, chapter 11, PWS Publishing Company. (1996)
  • Google Scholar


• [21] P. Ammann, S. Jajodia, P. Liu, Recovery from malicious transactions , IEEE Transaction on Knowledge and Data Engineering, 14(5) (2002), 1167–1185
  • View Article
  • Google Scholar


• [22] T. Chiueh, D. Pilania , Design, implementation, and evaluation of an intrusion resilient database system, In Proc. International Conference on Data Engineering, (2005), 1024–1035
  • Google Scholar


• [23] R. Sobhan, B. Panda, Reorganization of the database log for information warfare data recovery, In Proceedings of the fifteenth annual working conference on Database and application security, pages , Niagara, Ontario, Canada, (2002), 121–134
  • View Article
  • Google Scholar
  • MATH


• [24] M. Yu, P. Liu, W. Zang, Self-healing workflow systems under attacks, In The 24th International Conference on Distributed Computing Systems(ICDCS’04), (2004), 418–425
  • View Article
  • Google Scholar


• [25] Y.-W. Huang, S.-K. Huang, C.-H. Tsai , Web application. In WWW, Budapest, Hungary, ACM, ACM, (2003), 148–159
  • View Article
  • Google Scholar


• [26] Z. Falahiazar, M. Rohani, L. Falahiazar, M. Teshnelab, Optimizing An Intrusion Tolerant Database System Using Neural Network, In International Journal of Database Theory and Application, Vol. 5, No. 2 (2012)
  • Google Scholar


• [27] Guoqiang Peter Zhang, Neural Networks for Classification: A Survey, In IEEE Transactions on systems, MAN, and Cybernetics—Part C: applications and reviews, Vol. 30, No. 4 (2000)
  • View Article
  • Google Scholar


• [28] Mohammad M. Javidi, Mina Sohrabi, Marjan Kuchaki Rafsanjani, Intrusion Detection in Database Systems, In Communication and Networking, Communications in Computer and Information Science, Volume 120. Springer Berlin Heidelberg, 93-101 (2010)
  • View Article
  • Google Scholar


• [29] M. Hassanzadeh, G. Ardeshir, Optimal Membership Function for Creating Fuzzy Classifiers Ensemble, Journal of mathematics and computerscience, 12 (2014), 73–84.
  • Google Scholar


• [30] Shiva Zahedian , Aspect-Oriented Software Maintainability Assessment Using Adaptive Neuro Fuzzy Inference System (ANFIS) , Journal of mathematics and computerscience, 12 (2014), 243–252.
  • Google Scholar


• [31] Neda Noori, Leila Boti, Ebrahim Nowzarpoor Shami , Surveying Different Aspects of Anomaly Detection and Its Applications, Journal of mathematics and computer science, 4(2) (2012), 129-138.
  • Google Scholar