Securing Data Warehouses from Web-Based Intrusions

Authors

Ricardo Jorge Santos
Jorge Bernardino
Marco Vieira

Abstract

Decision support for 24/7 enterprises requires 24/7 available Data Warehouses (DWs). In this context, web-based connections to DWs are used by business management applications demanding continuous availability. Given that DWs store highly sensitive business data, a web-based connection provides a door for outside attackers and thus, creates a main security issue. Database Intrusion Detection Systems (DIDS) deal with intrusions in databases. However, given the distinct features of DW environments most DIDS either generate too many false alarms or too low intrusion detection rates. This paper proposes a real-time DIDS explicitly tailored for web-access DWs, functioning at the SQL command level as an extension of the DataBase Management System, using an SQL-like rule set and predefined checkups on well-defined DW features, which enable wide security coverage. We also propose a risk exposure method for ranking alerts which is much more effective than alert correlation techniques.

Keywords

Database security, Web security, Intrusion detection, Data warehouses

Subject

Intrusion Detection in Data Warehouses

Conference

WISE 2012 - International Conference on Web Information Systems Engineering, November 2012

PDF File

Cited by

Year 2013 : 1 citations

Elisa Costante, Sokratis Vavilis, Sandro Etall, Milan Petkovic, Nicola Zannone, "Database Anomalous Activities: Detection and Quantification", 10th International Conference on Security and Cryptography, SECRYPT 2013, Reykjavík, Iceland, July 29-31, 2013.