As a main method in database intrusion detection, database anomaly detection should be able to detect users’ operational behaviours for timely prevention of possible attacks and for guarantee of database security. Aiming at this, we apply cluster analysis techniques to anomaly detection and propose a novel density-based clustering algorithm called DBCAPSIC, which is adopted to clustering database users according to their behavior types and behavior frequencies. Privilege patterns are extracted from the clusters and serve as a reference in anomaly detection. The simulation experiment proves that the algorithm can recognize the anomalous operations with few mistakes.
CITATION STYLE
Geng, J., Ye, D., Luo, P., & Lv, P. (2015). A novel clustering algorithm for database anomaly detection. In Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST (Vol. 164, pp. 682–696). Springer Verlag. https://doi.org/10.1007/978-3-319-28865-9_45
Mendeley helps you to discover research relevant for your work.