6,165 research outputs found
Statistical and fuzzy approach for database security
A new type of database anomaly is described by
addressing the concept of Cumulated Anomaly in this
paper. Dubiety-Determining Model (DDM), which is a
detection model basing on statistical and fuzzy set
theories for Cumulated Anomaly, is proposed. DDM
can measure the dubiety degree of each database
transaction quantitatively. Software system
architecture to support the DDM for monitoring
database transactions is designed. We also
implemented the system and tested it. Our
experimental results show that the DDM method is
feasible and effective
Recommended from our members
A dubiety-determining based model for database cumulated anomaly intrusion
The concept of Cumulated Anomaly (CA), which describes a new type of database anomalies, is addressed. A
typical CA intrusion is that when a user who is authorized to modify data records under certain constraints deliberately
hides his/her intentions to change data beyond constraints in different operations and different transactions. It happens
when some appearing to be authorized and normal transactions lead to certain accumulated results out of given thresholds.
The existing intrusion techniques are unable to deal with CAs. This paper proposes a detection model,
Dubiety-Determining Model (DDM), for Cumulated Anomaly. This model is mainly based on statistical theories and fuzzy
set theories. It measures the dubiety degree, which is presented by a real number between 0 and 1, for each database
transaction, to show the likelihood of a transaction to be intrusive. The algorithms used in the DDM are introduced. A
DDM-based software architecture has been designed and implemented for monitoring database transactions. The
experimental results show that the DDM method is feasible and effective
Issues common to Australian critical infrastructure providers scada networks discovered through computer and network vulnerability analysis
This paper reports on generic issues discovered as a result of conducting computer and network vulnerability assessments (CNVA) on Australian critical infrastructure providers. Generic issues discovered included policy, governance, IT specific such as segregation, patching and updating. Physical security was also lacking in some cases. Another issue was that previous security audits had failed to identify any of these issues. Of major concern is that despite education and awareness programs, and a body of knowledge referring to these issues, they are still occurring. It may be necessary for the federal government to force organisations to undergo computer and network vulnerability assessment from recognised experts on a regular basis
Electronic fraud detection in the U.S. Medicaid Healthcare Program: lessons learned from other industries
It is estimated that between 850 billion annually is lost to fraud, waste, and abuse in the US healthcare system,with 175 billion of this due to fraudulent activity (Kelley 2009). Medicaid, a state-run, federally-matchedgovernment program which accounts for roughly one-quarter of all healthcare expenses in the US, has been particularlysusceptible targets for fraud in recent years. With escalating overall healthcare costs, payers, especially government-runprograms, must seek savings throughout the system to maintain reasonable quality of care standards. As such, the need foreffective fraud detection and prevention is critical. Electronic fraud detection systems are widely used in the insurance,telecommunications, and financial sectors. What lessons can be learned from these efforts and applied to improve frauddetection in the Medicaid health care program? In this paper, we conduct a systematic literature study to analyze theapplicability of existing electronic fraud detection techniques in similar industries to the US Medicaid program
- …