Authors: Indu Singh; Nikhil Arora; Shivam Arora; Parteek Singhal
Addresses: Delhi Technological University, Delhi, India ' Delhi Technological University, Delhi, India ' Delhi Technological University, Delhi, India ' Delhi Technological University, Delhi, India
Abstract: Designing and implementation of an intrusion detection system in any database environment has emerged as an absolute necessity in the recent years. Detection of both, the outsider attack and privilege abuse from within the organisation, has become a fundamental need for maintenance of dynamic, scalable and reinforced databases. Proposed advanced approach, malicious query detection using fuzzy and cluster analysis (MQDFCA) operates in a seamless manner and efficaciously performs detection and prevention of transactions that are intrusive in nature, within a database environment, thus shielding the vital data stored in a database from any unauthorised/malicious access or modifications. The method utilises concepts of machine learning like fuzzy logic, association rule mining and clustering algorithms at various stages to validate a newly generated transaction at role segment, profile segment and the rule validation segment. The degree of adherence of user supplied queries within a transaction to the previously generated user roles, transaction profiles and extracted rules is used to categorise the transaction as non-malicious or malicious. The efficaciousness of proposed methodology in detection of intrusions is exemplified from the results of the experiments conducted on the synthetic dataset yielding recall and precision values of 93% and 98% respectively.
Keywords: database intrusion detection; fuzzy association rule mining; data mining; clustering; transaction profiles; database security; FP growth; fuzzy c-means; computer security; data security; privilege abuse.
International Journal of Information and Computer Security, 2020 Vol.13 No.3/4, pp.372 - 395
Received: 13 Jan 2018
Accepted: 30 Dec 2018
Published online: 06 May 2020 *