Insider attack detection in database with deep metric neural network with Monte Carlo sampling-Reference-Cited by-同舟云学术

Insider attack detection in database with deep metric neural network with Monte Carlo sampling

Published:2022-02-15 Issue:6 Volume:30 Page:979-992
ISSN:1367-0751
Container-title:Logic Journal of the IGPL
language:en
Short-container-title:

Author:

Go Gwang-Myong¹,Bu Seok-Jun²,Cho Sung-Bae²

Affiliation:

1. Yonsei University Department of Computer Science, , Seoul 03722, South Korea and Samsung Electronics, Co., Ltd., Suwon 16706, South Korea

2. Yonsei University Department of Computer Science, , Seoul 03722, South Korea

Abstract

Abstract Role-based database management systems are most widely used for information storage and analysis but are known as vulnerable to insider attacks. The core of intrusion detection lies in an adaptive system, where an insider attack can be judged if it is different from the predicted role by performing classification on the user’s queries accessing the database and comparing it with the authorized role. In order to handle the high similarity of user queries for misclassified roles, this paper proposes a deep metric neural network with strategic sampling algorithm that properly extracts salient features and directly learns a quantitative measure of similarity. A strategic sampling method of heuristically generating and learning training pairs through Monte Carlo search is proposed to select a training pair that can represent the entire dataset. With the TPC-E–based benchmark data trained with 11,000 queries for 11 roles, the proposed model produces the classification accuracy of 95.41%, which is the highest compared with the previous models. The results are verified through comparison of quantitative and qualitative evaluations, and the feature space modelled in the neural network is analysed by t-SNE algorithm.

Publisher

Oxford University Press (OUP)

Subject

Logic

Link

https://academic.oup.com/jigpal/article-pdf/30/6/979/47058127/jzac007.pdf

Reference29 articles.

1. A data-centric approach to insider attack detection in database systems;Mathew;International Workshop on Recent Advances in Intrusion Detection,2010

2. Database security: what students need to know;Murray;Journal of Information Technology Education: Innovates in Practice,2010

3. Architecture for Data Collection in Database Intrusion Detection Systems

4. Database security: concepts, approaches and challenges;Bertino;IEEE Transactions on Dependable and Secure Computing,2005

5. Proposed NIST standard for role-based access control;Ferraiolo;Security,2001

Cited by 5 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Novel adaptive approach for anomaly detection in nonlinear and time-varying industrial systems;Logic Journal of the IGPL;2024-05-14

2. Research Opportunity of Insider Threat Detection based on Machine Learning Methods;2023 International Conference on Artificial Intelligence in Information and Communication (ICAIIC);2023-02-20

3. Evaluating Classifiers’ Performance to Detect Attacks in Website Traffic;International Joint Conference 15th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2022) 13th International Conference on EUropean Transnational Education (ICEUTE 2022);2022-11-05

4. Dimensionality-Reduction Methods for the Analysis of Web Traffic;International Joint Conference 15th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2022) 13th International Conference on EUropean Transnational Education (ICEUTE 2022);2022-11-05

5. An Anomaly Detection Approach for Realtime Identification Systems Based on Centroids;International Joint Conference 15th International Conference on Computational Intelligence in Security for Information Systems (CISIS 2022) 13th International Conference on EUropean Transnational Education (ICEUTE 2022);2022-11-05