An architectural design for a hybrid intrusion detection system for database
In today's business world, information is the most valuable asset of organizations and thus requires appropriate management and protection. Amongst all types of data repositories, database is said to play the role of the heart in the body of IT infrastructure. On the other hand, nowadays, a gro...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2009
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/10053/1/MohammadHosseinHaratianMFSKSM2009.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-utm-ep.10053 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-utm-ep.100532018-06-13T07:08:06Z An architectural design for a hybrid intrusion detection system for database 2009-04 Haratian, Mohammad Hossein NA Architecture QA76 Computer software In today's business world, information is the most valuable asset of organizations and thus requires appropriate management and protection. Amongst all types of data repositories, database is said to play the role of the heart in the body of IT infrastructure. On the other hand, nowadays, a growing number of efforts have concentrated on handling the vast variety of security attacks. The characteristic of such handling method depends on when we want it to be occurred and how we intent to deal with attack attempts. Generally there are two ways to handle subversion attempts. One way is to equip our systems by security controls. However in reality this is not feasible due to many reasons. Hence, we are interested in detecting the security attacks. Amongst different types of intrusion detection systems (like network-based, host-based and application-based IDS), database intrusion detection systems which are considered as a type of application-based IDS has become a matter of increasing concern. In this paper we proposed the architecture for a hybrid database intrusion detection system (DB-IDS). This architecture consists of several component and sub-components. It encompasses Anomaly Detection and Misuse Detection subcomponents as Detector component. Anomaly detection component works based on the Profiles constructed by Profiler. Suspicious sequence of events which are considered as potential attacks would be detected by Misuse Detector. Data Collector components is responsible for capturing necessary data for profiling. Moreover, the Transformer component is in place to convert the raw log files into an understandable format for Profiler. Finally, Anomaly Detector and Misuse Detector components send alert to Responder component in case of detection any suspicious activity. 2009-04 Thesis http://eprints.utm.my/id/eprint/10053/ http://eprints.utm.my/id/eprint/10053/1/MohammadHosseinHaratianMFSKSM2009.pdf application/pdf en public masters Universiti Teknologi Malaysia, Faculty of Computer Science and Information System Faculty of Computer Science and Information System |
| institution |
Universiti Teknologi Malaysia |
| collection |
UTM Institutional Repository |
| language |
English |
| topic |
NA Architecture QA76 Computer software |
| spellingShingle |
NA Architecture QA76 Computer software Haratian, Mohammad Hossein An architectural design for a hybrid intrusion detection system for database |
| description |
In today's business world, information is the most valuable asset of organizations and thus requires appropriate management and protection. Amongst all types of data repositories, database is said to play the role of the heart in the body of IT infrastructure. On the other hand, nowadays, a growing number of efforts have concentrated on handling the vast variety of security attacks. The characteristic of such handling method depends on when we want it to be occurred and how we intent to deal with attack attempts. Generally there are two ways to handle subversion attempts. One way is to equip our systems by security controls. However in reality this is not feasible due to many reasons. Hence, we are interested in detecting the security attacks. Amongst different types of intrusion detection systems (like network-based, host-based and application-based IDS), database intrusion detection systems which are considered as a type of application-based IDS has become a matter of increasing concern. In this paper we proposed the architecture for a hybrid database intrusion detection system (DB-IDS). This architecture consists of several component and sub-components. It encompasses Anomaly Detection and Misuse Detection subcomponents as Detector component. Anomaly detection component works based on the Profiles constructed by Profiler. Suspicious sequence of events which are considered as potential attacks would be detected by Misuse Detector. Data Collector components is responsible for capturing necessary data for profiling. Moreover, the Transformer component is in place to convert the raw log files into an understandable format for Profiler. Finally, Anomaly Detector and Misuse Detector components send alert to Responder component in case of detection any suspicious activity. |
| format |
Thesis |
| qualification_level |
Master's degree |
| author |
Haratian, Mohammad Hossein |
| author_facet |
Haratian, Mohammad Hossein |
| author_sort |
Haratian, Mohammad Hossein |
| title |
An architectural design for a hybrid intrusion detection system for database |
| title_short |
An architectural design for a hybrid intrusion detection system for database |
| title_full |
An architectural design for a hybrid intrusion detection system for database |
| title_fullStr |
An architectural design for a hybrid intrusion detection system for database |
| title_full_unstemmed |
An architectural design for a hybrid intrusion detection system for database |
| title_sort |
architectural design for a hybrid intrusion detection system for database |
| granting_institution |
Universiti Teknologi Malaysia, Faculty of Computer Science and Information System |
| granting_department |
Faculty of Computer Science and Information System |
| publishDate |
2009 |
| url |
http://eprints.utm.my/id/eprint/10053/1/MohammadHosseinHaratianMFSKSM2009.pdf |
| _version_ |
1747814789600509952 |