Back to Search
Start Over
A novel intrusion detection system model for securing web-based database systems
- Source :
- COMPSAC
- Publication Year :
- 2002
- Publisher :
- IEEE, 2002.
-
Abstract
- Intrusion detection (ID) has become an important technology for protecting information resources and databases from malicious attacks and information leakage. This paper proposes a novel two-layer mechanism to detect intrusions against a web-based database service. Layer one builds historical profiles based on audit trails and other log data provided by the web server and database server. Pre-alarms will be triggered if anomalies occurred. Layer two makes further analysis on the pre-alarms generated from Layer one. Such methods integrates the alarm context with the alarms themselves rather than a simple "analysis in isolation". This can reduce the error rates, especially false positives and greatly improve the accuracy of intrusion detection, alarm notification and hence more effective incident handling.
- Subjects :
- Database server
business.industry
Computer science
Anomaly-based intrusion detection system
Context (language use)
System safety
Intrusion detection system
Computer security
computer.software_genre
Audit trail
Information leakage
False positive paradox
The Internet
Data mining
Isolation (database systems)
Intrusion prevention system
business
computer
Subjects
Details
- Database :
- OpenAIRE
- Journal :
- 25th Annual International Computer Software and Applications Conference. COMPSAC 2001
- Accession number :
- edsair.doi...........a989495babf87b2a1a85d8bfcb14456f