Trust factor-based analysis of user behavior using sequential pattern mining for detecting intrusive transactions in databases

Trust factor-based analysis of user behavior using sequential pattern mining for detecting intrusive transactions in databases

연구 분야: Databases

학회: The Journal of Supercomputing

Organizations today are employing databases on a large scale to store data essential for their functioning. Malicious access and modifications of the databases may lead to adverse financial and legal implications. In recent years, security researchers have focused on detecting abuse of access privileges by employees of an organization. Identifying threats from insiders is hard because they are aware of the organization of the database in addition to having authorised access privileges. To detect insider attacks effectively and efficiently, we present a novel approach to dynamically determine the malicious transactions using historical data. We propose Trust factor-based user behavior analysis using sequential pattern mining for database intrusion detection systems (TFUBID). Since, groups of users access the organizational database for similar purposes, we cluster user behavior vectors using fuzzy clustering and define a class of Integral Data Attributes using sequential pattern mining to model trust factor-based behavioral patterns of employees accessing the database assigning higher weight to critical elements and Directly Correlated Attributes. A comprehensive experimental evaluation on our synthetic dataset adhering to TPC-C standard benchmark revealed that TFUBID achieved an accuracy of 94% for detecting malicious transactions and outperforms competing state-of-the-art techniques on several performance measures.