Jeong Ho Park , Sang Hyun Oh , Won Suk Lee

The KIPS Transactions:PartC, Vol. 9, No. 6, pp. 831-840, Dec. 2002
10.3745/KIPSTC.2002.9.6.831,   PDF Download:

Abstract

Due to the advance of computer and communication technology, intrusions or crimes using a computer have been increased rapidly while tremendous information has been provided to users conveniently. Specially, for the security of a database which stores important information such as the private information of a customer or the secret information of a company, several basic security methods of a database management system itself or conventional misuse detection methods have been used. However, a problem caused by abusing the authority of an internal user such as the drain of secret information is more serious than the breakdown of a system by an external intruder. Therefore, in order to maintain the security of a database effectively, an anomaly detection technique is necessary. This paper proposes a method that generates the normal behavior profile of a user from the database log of the user based on an association mining method. For this purpose, the information of a database log is structured by a semantically organized pattern tree. Consequently, an online transaction of a user is compared with the profile of the user, so that any anomaly can be effectively detected.

Statistics
Cite this article