Clustering algorithm for anomaly detection based on queries density (cited by: 2)
Abstract: Existing intrusion detection research mainly focuses on networks and operating systems. However, a database system has its own structure and semantics, and intrusion detection tailored to the characteristics of databases is an important supplement to current database security mechanisms. This paper presents a database anomaly detection algorithm that performs density-based clustering on database queries and builds its normal profiles from the core objects of the clusters. The training, detection and incremental updating methods, and a modified algorithm for detecting anomalies before queries are executed, are described. Finally, the performance and application of the algorithm are analyzed through experiments and an example.
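Source: Systems Engineering and Electronics (《系统工程与电子技术》), indexed in EI, CSCD and the Peking University Core list; 2007, Issue 4, pp. 640-646, 654 (8 pages)
Funding: National Natural Science Foundation of China (60673127); Aeronautical Science Foundation (02F52033); Jiangsu Province High-Tech Project (BG2004-005)
Keywords: clustering; anomaly detection; database security; algorithm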