Abstract

  
 

References (70)



 
 

Citations (3)



 


 



A Real-time Intrusion Prevention System for Commercial Enterprise Databases


Ulf T. Mattsson


Protegrity Corp.


Abstract:     
Modern intrusion detection systems are comprised of three basically different approaches, host based, network based, and a third relatively recent addition called procedural based detection. The first two have been extremely popular in the commercial market for a number of years now because they are relatively simple to use, understand and maintain. However, they fall prey to a number of shortcomings such as scaling with increased traffic requirements, use of complex and false positive prone signature databases, and their inability to detect novel intrusive attempts. This intrusion detection systems represent a great leap forward over current security technologies by addressing these and other concerns. This paper presents an overview of our work in creating a true database intrusion detection system.

Based on many years of Database Security Research, the proposed solution detects a wide range of specific and general forms of misuse, provides detailed reports, and has a low false-alarm rate. Traditional database security mechanisms are very limited in defending successful data attacks. Authorized but malicious transactions can make a database useless by impairing its integrity and availability. The proposed solution offers the ability to detect misuse and subversion through the direct monitoring of database operations inside the database host, providing an important complement to host-based and
network-based surveillance. Suites of the proposed solution may be deployed throughout a network, and their alarms managed, correlated, and acted on by remote or local subscribing security services, thus helping to address issues of decentralized management.

Number of Pages in PDF File: 12

Keywords: Isolation, Intrusion Tolerance, Database Security, Encryption, VISA CISP,

JEL Classification: Z00

working papers series


Download This Paper

Date posted: December 31, 2003  

Suggested Citation

Mattsson, Ulf T., A Real-time Intrusion Prevention System for Commercial Enterprise Databases. Available at SSRN: http://ssrn.com/abstract=482282 or http://dx.doi.org/10.2139/ssrn.482282

Contact Information

Ulf T. Mattsson (Contact Author)
Protegrity Corp. ( email )
78 RIver Rd
Cos Cob, CT 06807
United States
Feedback to SSRN (Beta)


Paper statistics
Abstract Views: 2,605
Downloads: 303
Download Rank: 47,935
References:  70
Citations:  3

© 2013 Social Science Electronic Publishing, Inc. All Rights Reserved.  FAQ   Terms of Use   Privacy Policy   Copyright
This page was processed by apollo8 in 0.453 seconds