Approaches and Challenges in Database Intrusion Detection

Authors

Abstract

Databases often support enterprise business and store its secrets. This means that securing them from data damage and information leakage is critical. In order to deal with intrusions against database systems, Database Intrusion Detection Systems (DIDS) are frequently used. This paper presents a survey on the main database intrusion detection techniques currently available and discusses the issues concerning their application at the database server layer. The identified weak spots show that most DIDS inadequately deal with many characteristics of specific database systems, such as ad hoc workloads and alert management issues in data warehousing environments, for example. Based on this analysis, research challenges are presented, and requirements and guidelines for the design of new or improved DIDS are proposed. The main finding is that the development and benchmarking of specifically tailored DIDS for the context in which they operate is a relevant issue and remains a challenge. We trust this work provides a strong incentive to open the discussion between both the security and database research communities.

Journal

ACM SIGMOD Record, Vol. 43, #3, pp. 36-47, ACM Volume 43 Issue 3, September 2014

PDF File

DOI