Database management systems based on role-based access control are widely used for information storage and analysis, but they are reportedly vulnerable to insider attacks. From the point of adaptive system, it is possible to perform classification on user queries accessing the database to determine insider attacks when they differ from the predicted values. In order to cope with high similarity of user queries, this paper proposes a deep metric neural network with hierarchical structure that extracts the salient features appropriately and learns the quantitative scale of similarity directly. The proposed model trained with 11,000 queries for 11 roles from the benchmark dataset of TPC-E produces the classification accuracy of 94.17%, which is the highest compared to the previous studies. The quantitative performance is evaluated by 10-fold cross-validation, the feature space embedded in the neural network is visualized by t-SNE, and the qualitative analysis is conducted by clustering the compression vectors among classes.
CITATION STYLE
Go, G. M., Bu, S. J., & Cho, S. B. (2021). Detecting intrusion via insider attack in database transactions by learning disentangled representation with deep metric neural network. In Advances in Intelligent Systems and Computing (Vol. 1267 AISC, pp. 460–469). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-57805-3_43
Mendeley helps you to discover research relevant for your work.