Responding to Anomalous Database Requests
نویسندگان
چکیده
Organizations have recently shown increased interest in database activity monitoring and anomaly detection techniques to safeguard their internal databases. Once an anomaly is detected, a response from the database is needed to contain the effects of the anomaly. However, the problem of issuing an appropriate response to a detected database anomaly has received little attention so far. In this paper, we propose a framework and policy language for issuing a response to a database anomaly based on the characteristics of the anomaly. We also propose a novel approach to dynamically change the state of the access control system in order to contain the damage that may be caused by the anomalous request. We have implemented our mechanisms in PostgreSQL and in the paper we discuss relevant implementation issues. We have also carried out an experimental evaluation to assess the performance overhead introduced by our response mechanism. The experimental results show that the techniques are very efficient.
منابع مشابه
Reducing errors in the anomaly-based detection of web-based attacks through the combined analysis of web requests and SQL queries
Web-based applications have become a popular means of exposing functionality to large numbers of users by leveraging the services provided by web servers and databases. The wide proliferation of custom-developed web-based applications suggests that anomaly detection could be a suitable approach for providing early warning and real-time blocking of application-level exploits. Therefore, a number...
متن کاملAnomaly-based Web Attack Detection: The Application of Deep Neural Network Seq2Seq With Attention Mechanism
Today, the use of the Internet and Internet sites has been an integrated part of the people’s lives, and most activities and important data are in the Internet websites. Thus, attempts to intrude into these websites have grown exponentially. Intrusion detection systems (IDS) of web attacks are an approach to protect users. But, these systems are suffering from such drawbacks as low accuracy in ...
متن کاملProcessing of semantic information in fluently spoken language
We are interested in constructing machines which learn to understand and act upon fluently spoken input. For any particular task, certain linguistic events are critical to recognize correctly, others not so. This notion can be quantified via salience, which measures the information content of an event for a task. In previous papers, salient words have been exploited to learn the mapping from sp...
متن کاملCultural sensitivity in end-of-life discussions.
Cultural origins influence the way patients and health care providers think about care and treatment at the end-of-life. With increasing ethnic diversity there is greater chance that clinical encounters will occur between individuals of different backgrounds, therefore there is greater risk of misunderstanding. Health care providers should be mindful of cultural differences when informing patie...
متن کاملImproving the Security and Performance of the BaBar Detector Controls System
It starts out innocently enough users want to monitor Online data and so run their own copies of the detector control GUIs in their offices and at home. But over time, the number of processes making requests for values to display on GUIs, webpages and stripcharts can grow, and affect the performance of an Input/Output Controller (IOC) such that it is unable to respond to requests from requests ...
متن کامل