Affiliation:
1. University of Coimbra, Portugal
2. Polytechnic Institute of Coimbra, Portugal
Abstract
Databases often support enterprise business and store its secrets. This means that securing them from data damage and information leakage is critical. In order to deal with intrusions against database systems, Database Intrusion Detection Systems (DIDS) are frequently used. This paper presents a survey on the main database intrusion detection techniques currently available and discusses the issues concerning their application at the database server layer. The identified weak spots show that most DIDS inadequately deal with many characteristics of specific database systems, such as ad hoc workloads and alert management issues in data warehousing environments, for example. Based on this analysis, research challenges are presented, and requirements and guidelines for the design of new or improved DIDS are proposed. The main finding is that the development and benchmarking of specifically tailored DIDS for the context in which they operate is a relevant issue, and remains a challenge. We trust this work provides a strong incentive to open the discussion between both the security and database research communities.
Publisher
Association for Computing Machinery (ACM)
Subject
Information Systems,Software
Reference33 articles.
1. Intrusion Detection in RBAC-administered Databases
2. A column dependency-based approach for static and dynamic recovery of databases from malicious transactions
3. DARPA archive Task Description of the KDD99 Benchmark available at http://www.kdd.ics.uci.edu/databases/kddcup99/task.html. DARPA archive Task Description of the KDD99 Benchmark available at http://www.kdd.ics.uci.edu/databases/kddcup99/task.html.
Cited by
9 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献