摘要
目前,针对数据库应用层面的攻击越来越多,为记录发生的各种内部操作,Oracle数据库提供了审计功能。为进一步完善安全审计机制,本文将关联规则数据挖掘技术用于对数据库审计记录的分析,建立用户正常行为规则,实现对用户行为的检测。设计基于Oracle数据库的审计分析系统,实现了审计策略、数据预处理、记录分析和异常检测等功能。基于关联规则挖掘检测方法实现对数据库用户操作的实时监测和事后分析。
At present, there are more and more attacks against the database application. The audit function of Oracle database system can record all operations occurring inside it. This paper uses the analysis of database’s audit records that base on the technology of association rule data mining, in order to further improve the security audit mechanism, establish the normal behaviors rules of users, and detect user behaviors. It can implement some functions such as auditing strategy、data preprocessing、record analysis、anomaly detection and so on. At the same time, the detection method based on association rule mining can realize real-time monitoring and post-mortem analysis of database users.
作者
朱勇
沈士强
ZHU Yong;SHEN Shi-qiang(Tianjin Yunrui Information Technology Co.,Ltd.,Tianjin 300387;Tianjin Tiansoft Talent Base Management Co.,Ltd.,Tianjin 300387)
出处
《数字技术与应用》
2019年第4期123-124,共2页
Digital Technology & Application
