A dubiety-determining based model for database cumulated anomaly intrusion
The concept of Cumulated Anomaly (CA), which describes a new type of database anomalies, is addressed. A
typical CA intrusion occurs when a user who is authorized to modify data records under certain constraints deliberately
hides his/her intention to change data beyond those constraints in different operations and different transactions. It happens
when transactions that appear to be authorized and normal lead to certain accumulated results outside given thresholds.
The existing intrusion techniques are unable to deal with CAs. This paper proposes a detection model,
Dubiety-Determining Model (DDM), for Cumulated Anomaly. This model is mainly based on statistical theories and fuzzy
set theories. It measures the dubiety degree, which is presented by a real number between 0 and 1, for each database
transaction, to show the likelihood of a transaction to be intrusive. The algorithms used in the DDM are introduced. A
DDM-based software architecture has been designed and implemented for monitoring database transactions. The
experimental results show that the DDM method is feasible and effective.
Statistical and fuzzy approach for database security
A new type of database anomaly is described by addressing the concept of Cumulated Anomaly in this
paper. The Dubiety-Determining Model (DDM), a detection model for Cumulated Anomaly based on statistical
and fuzzy set theories, is proposed. DDM can measure the dubiety degree of each database
transaction quantitatively. A software system architecture to support the DDM for monitoring
database transactions is designed. We also implemented the system and tested it. Our
experimental results show that the DDM method is feasible and effective.
IoT Sentinel: Automated Device-Type Identification for Security Enforcement in IoT
With the rapid growth of the Internet-of-Things (IoT), concerns about the
security of IoT devices have become prominent. Several vendors are producing
IP-connected devices for home and small office networks that often suffer from
flawed security designs and implementations. They also tend to lack mechanisms
for firmware updates or patches that can help eliminate security
vulnerabilities. Securing networks where the presence of such vulnerable
devices is given, requires a brownfield approach: applying necessary protection
measures within the network so that potentially vulnerable devices can coexist
without endangering the security of other devices in the same network. In this
paper, we present IOT SENTINEL, a system capable of automatically identifying
the types of devices being connected to an IoT network and enabling enforcement
of rules for constraining the communications of vulnerable devices so as to
minimize damage resulting from their compromise. We show that IOT SENTINEL is
effective in identifying device types and has minimal performance overhead.
Database Intrusion Detection Using Role Profiling
Insider threats cause the majority of computer system security problems and are also among the most challenging research topics in database security. An anomaly-based intrusion detection system (IDS), which can profile inside users’ normal behaviors and detect anomalies when a user’s behavior deviates from his/her profile, is effective at protecting computer systems against insider threats, since the IDS can profile each insider and then monitor them continuously. Although many IDSes have been developed at the network or host level since the 1980s, there are still very few IDSes specifically tailored to database systems. We initially build our anomaly-based database IDS using two different profiling methods: one is to build profiles for each individual user (user profiling) and the other is to mine profiles for roles (role profiling). Detailed comparative evaluations between role profiling and user profiling are conducted, and we also analyze the reasons why role profiling is more effective and efficient than user profiling. Another contribution of this thesis is that we introduce role hierarchy into the database IDS and remarkably reduce the false positive rate without increasing the false negative rate.
Data Leak Detection As a Service: Challenges and Solutions
We describe a network-based data-leak detection (DLD)
technique, the main feature of which is that the detection
does not require the data owner to reveal the content of the
sensitive data. Instead, only a small amount of specialized
digests are needed. Our technique – referred to as the fuzzy
fingerprint – can be used to detect accidental data leaks due
to human errors or application flaws. The privacy-preserving
feature of our algorithms minimizes the exposure of sensitive
data and enables the data owner to safely delegate the
detection to others. We describe how cloud providers can offer
their customers data-leak detection as an add-on service
with strong privacy guarantees.
We perform extensive experimental evaluation on the privacy,
efficiency, accuracy and noise tolerance of our techniques.
Our evaluation results under various data-leak scenarios
and setups show that our method can support accurate
detection with a very small number of false alarms, even
when the presentation of the data has been transformed. It
also indicates that the detection accuracy does not degrade
when partial digests are used. We further provide a quantifiable
method to measure the privacy guarantee offered by our
fuzzy fingerprint framework.
Optimizing security and flexibility by designing a high security system for e-government servers
E-government is one of the most popular Web-based applications. It helps people do their work online, access government sites, apply for jobs online, and access important data from the government database; on top of that, it also helps government employees access cameras and sensors across the country. However, there are many challenges in keeping government data safe and secure in an open environment (network). Therefore, this paper discusses two issues. The first is how to keep the data safe; here the paper introduces many applications that guarantee very high security for accessing and editing data. The paper also presents a new design for e-government servers in which the authors try to distribute the security service on each line to avoid any attack from outside or inside. The second issue is to ensure the flexibility of the data flow from the servers to the user, which is the second challenge in the design. The experiment shows a good expected result: the new approach has high security and at the same time provides flexible e-government access. This paper provides a different view and uses a mixture of technologies to achieve a high security rate that will not affect different users' access. The e-government environment is subject to multiple security challenges; thus this paper proposes a model for how to secure the servers and how to ensure the flexibility of the system, striking a simple balance between the many security tools and appropriate protection on one side and flexible upload and download data flow to the user on the other.