Methodology for Detecting Advanced Persistent Threats in Oracle Databases

Authors

  • Loye Lynn Ray
  • Henry Felch
Abstract

Advanced persistent threats (APTs) have become a big problem for computer systems. Databases are vulnerable to these threats and can give attackers access to an organization's sensitive data. Oracle databases are at greater risk due to their heavy use as back-ends to corporate applications such as enterprise resource planning software. This paper will describe a methodology for finding APTs that may be hiding or operating deep within an Oracle database system. Using a deep understanding of Oracle normal operations provides a baseline to assist in discovering APT behavior. Incorporating these into a database intrusion detection system can raise the ability for finding these threats.

Similar resources

Towards an Operational Semantic Theory of Cyber Defense Against Advanced Persistent Threats

This paper presents current work on developing an operational semantic theory of cyber defense against advanced persistent threats (APTs), which is grounded in cyber threat analytics, science of evidence, knowledge engineering, and machine learning. After introducing advanced persistent threats, it overviews a systematic APT detection framework and the corresponding APT detection models, the fo...

Anomaly Detection in Log Data using Graph Databases and Machine Learning to Defend Advanced Persistent Threats

Advanced Persistent Threats (APTs) are a main impendence in cyber security of computer networks. In 2015, a successful breach remains undetected 146 days on average, reported by [Fi16]. With our work we demonstrate a feasible and fast way to analyse real world log data to detect breaches or breach attempts. By adapting well-known kill chain mechanisms and a combine of a time series database and...

Accessing multidimensional Data Types in Oracle 9i Release 2

In former Releases of the Oracle Database, multidimensional data types did not exist. In typical Warehouse situations, especially if more advanced analytics was needed, an additional database had to be chosen to store and analyze the data. These databases offered a lot functionality for advanced analytics like what-if analysis, statistical queries and so on and an excellent query performance du...

Enhancing Network Intrusion Detection through Host Clustering

The state-of-the-art in intrusion detection mainly relies on signature-based techniques. Although signature-based detection is an efficient way of protecting against known threats, it will not protect against new, advanced intrusions such as Advanced Persistent Threats (APTs). Moreover, many intrusion detection systems only monitor the network traffic crossing the external border of a network, ...

Journal title:
  • IJSITA

Volume 5  Issue 

Pages  -

Publication date 2014