Sallam et al., 2018 - Google Patents
Detection of temporal data Ex-filtration threats to relational databasesSallam et al., 2018
- Document ID
- 15608194789494133866
- Author
- Sallam A
- Bertino E
- Publication year
- Publication venue
- 2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC)
External Links
Snippet
According to recent reports, the most common insider threats to systems are unauthorized access to or use of corporate information and exposure of sensitive data. While anomaly detection techniques have proved to be effective in the detection of early signs of data theft …
- 238000001514 detection method 0 title abstract description 48
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30386—Retrieval requests
- G06F17/30424—Query processing
- G06F17/30533—Other types of queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30386—Retrieval requests
- G06F17/30424—Query processing
- G06F17/30477—Query execution
- G06F17/30507—Applying rules; deductive queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30386—Retrieval requests
- G06F17/30424—Query processing
- G06F17/30477—Query execution
- G06F17/30516—Data stream processing; continuous queries
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30587—Details of specialised database models
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
- G06F17/30289—Database design, administration or maintenance
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3409—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computer systems utilising knowledge based models
- G06N5/02—Knowledge representation
- G06N5/022—Knowledge engineering, knowledge acquisition
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06N—COMPUTER SYSTEMS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N99/00—Subject matter not provided for in other groups of this subclass
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Mathew et al. | A data-centric approach to insider attack detection in database systems | |
| US10909241B2 (en) | Event anomaly analysis and prediction | |
| Costante et al. | A white-box anomaly-based framework for database leakage detection | |
| Santos et al. | Approaches and challenges in database intrusion detection | |
| Sallam et al. | Data and syntax centric anomaly detection for relational databases | |
| Lavrova et al. | Applying correlation and regression analysis to detect security incidents in the internet of things | |
| Dong et al. | Efficient discovery of abnormal event sequences in enterprise security systems | |
| Nikolova et al. | Some similarity coefficients and application of data mining techniques to the anomaly-based IDS | |
| Sallam et al. | Result-based detection of insider threats to relational databases | |
| Sallam et al. | Detection of temporal data Ex-filtration threats to relational databases | |
| Lambert II | Security analytics: Using deep learning to detect cyber attacks | |
| Reuben | Towards a differential privacy theory for edge-labeled directed graphs | |
| Moorthy et al. | A study of Intrusion Detection using data mining | |
| Afshar et al. | Incorporating behavior in attribute based access control model using machine learning | |
| Roschke et al. | A flexible and efficient alert correlation platform for distributed ids | |
| Sohrabi et al. | Detecting intrusion transactions in database systems: a novel approach | |
| Wang et al. | Embedding learning with heterogeneous event sequence for insider threat detection | |
| Chung et al. | A Hot Query Bank approach to improve detection performance against SQL injection attacks | |
| Yang et al. | Advanced persistent threat detection in smart grid clouds using spatiotemporal context-aware graph embedding | |
| Vinutha et al. | Analysis of NSL-KDD dataset using K-means and canopy clustering algorithms based on distance metrics | |
| Khan et al. | Towards modelling insiders behaviour as rare behaviour to detect malicious RDBMS access | |
| Li et al. | Memory‐Augmented Insider Threat Detection with Temporal‐Spatial Fusion | |
| Sallam et al. | Techniques and systems for anomaly detection in database systems | |
| Santos et al. | Securing data warehouses from web-based intrusions | |
| Li et al. | DPIF: a framework for distinguishing unintentional quality problems from potential shilling attacks |