Abstract
Decision support for 24/7 enterprises requires Data Warehouses (DWs) that are available 24/7. In this context, web-based connections to DWs are used by business management applications demanding continuous availability. Given that DWs store highly sensitive business data, a web-based connection opens a door for outside attackers and is thus a main security issue. Database Intrusion Detection Systems (DIDS) deal with intrusions in databases. However, given the distinct features of DW environments, most DIDS either generate too many false alarms or achieve intrusion detection rates that are too low. This paper proposes a real-time DIDS explicitly tailored for web-access DWs, functioning at the SQL command level as an extension of the DataBase Management System, using an SQL-like rule set and predefined checkups on well-defined DW features, which enable wide security coverage. We also propose a risk exposure method for ranking alerts which is much more effective than alert correlation techniques.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Santos, R.J., Bernardino, J., Vieira, M., Rasteiro, D.M.L. (2012). Securing Data Warehouses from Web-Based Intrusions. In: Wang, X.S., Cruz, I., Delis, A., Huang, G. (eds) Web Information Systems Engineering - WISE 2012. WISE 2012. Lecture Notes in Computer Science, vol 7651. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35063-4_53
DOI: https://doi.org/10.1007/978-3-642-35063-4_53
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35062-7
Online ISBN: 978-3-642-35063-4
eBook Packages: Computer Science, Computer Science (R0)