Amended Anticipation Model for Fast Exposure of Mischievous Communications in Database Systems

  IJCOT-book-cover
 
International Journal of Computer & Organization Trends  (IJCOT)          
 
© 2016 by IJCOT Journal
Volume - 6 Issue - 3
Year of Publication : 2016
Authors : Sushant Yadav, Mrs. Mamta Yadav
DOI : 10.14445/22492593/IJCOT-V34P308

Citation

Sushant Yadav, Mrs. Mamta Yadav "Amended Anticipation Model for Fast Exposure of Mischievous Communications in Database Systems", International Journal of Computer & organization Trends (IJCOT), V6(3):28-33 May - Jun 2016, ISSN:2249-2593, www.ijcotjournal.org. Published by Seventh Sense Research Group.

Abstract Database Security is an concept that includes the following properties: authenticity (guarantees that a service or piece of information is authentic), confidentiality (absence of unauthorized disclosure of a service or piece of information), integrity (protection of a service or piece of information against illicit and/or undetected modification), and availability (protection of a service or piece of information against possible denials of service caused by malicious actions). Current intrusion detection systems use logs to detect malicious transactions. Logs are the histories of the transactions committed in the database. The disadvantage of using logs is that they need lot of memory. In addition to this sometimes even after a transaction is detected as malicious it cannot be rolled back. In this paper we present a method by which we can overcome the uses of logs and can detect malicious transactions before they are committed. We use specific user-profiles to store the sequence of commands in a transaction and use a prevention model for instant detection of malicious transactions.

References

1. Marco Vieira and Henrique Madeira, “Detection of Malicious Transactions in DBMS”, IEEE Proceedings- 11th Pacific Rim International Symposium on Dependable Computing, Dec 12-14,2005, PP: 8.
2. Korra Sathya Babu, “Prevention of Unwanted Transactions in DBMS”, Department of computer Science and Engineering, NIT Rourkela, 2008.
3. E. F. Codd, "A Relational Model of Data for Large Shared Data Banks ", Comm. of the ACM(1970).
4. Ravi Sandhu and Pierangela Samarati, “Access Control: Principles and Practice”, IEEE Communications Magazine, September 1994.
5. Yi Hu and Brajentra Panda, “Identification of malicious transactions in Database Systems”, Proceedings of 7th International database engineering & Applications symposium, 16-18 July, 2013, PP 329-335.
6. L. Fan, P. Cao, J. Almeida, and A. Z. Broder. “Summary Cache: A Scalable Wide-Area Web Cache Sharing Protocol”, IEEE Transactions on Networking, 2000, PP 281- 293.
7. TPC Council, “TPC BenchmarkTM C, Standard Specification, Version 5.10.1”, February 2009. 8. Gordon, L. Loeb, M., Lucyshyn, W. and Richardson, R. Computer Security Institute. Computer crime and security survey, 2006.
9. Fonseca, J., Vieira, M., and Madeira, H. Online detection of malicious data access using DBMS auditing. In Proceedings of the 2008 ACM Symposium on Applied Computing. SAC`08. ACM, New York, NY, 1013-1020, 2008.
10. Chung, C. Y., Gertz, M., Levitt, K. DEMIDS: a misuse detection system for database systems.In integrity and internal Control information Systems: Strategic Views on the Need For Control, Norwell, MA, 159-178,2000

Keywords
Database Security, intrusion detection systems.