Journal title: Journal of Theoretical and Applied Information Technology
Print ISSN: 1992-8645
Electronic ISSN: 1817-3195
Publication year: 2018
Volume: 96
Issue: 10
Publisher: Journal of Theoretical and Applied
Abstract: A database intrusion detection system is considered a mandatory security layer in recent database applications. The detection of intrusions in database applications is mostly based on anomaly methods such as access patterns, association rule mining and mining data dependencies between data items. These countermeasures achieve good results in traditional applications, but new forms of attacks on computer systems lead to the depreciation of intrusion detection systems due to the high rates of false positive alarms. The goal of this paper is to improve the accuracy of intrusion detection systems by reducing false alarms using an alert clustering mechanism and system hibernation capabilities. In this paper, a three-stage access control framework is developed for detecting malicious users in a database. This framework is embedded with an alert clustering mechanism for reducing false alarms by correlating low-level alerts into one cluster. A post security countermeasure is developed by merging system hibernation capabilities into the developed application. The hibernation mechanism is used for maintaining the availability of data in case of intrusion detection. The experimental results of the proposed algorithm achieve a high detection rate with low false positive and low false negative alarms when compared to recent research in intrusion detection systems.