Application of density-based outlier detection to database activity monitoring

Bibliographic Details
Published in: Information systems frontiers 2013-03, Vol.15 (1), p.55-65
Main Authors: Kim, Seung; Cho, Nam Wook; Lee, Young Joo; Kang, Suk-Ho; Kim, Taewan; Hwang, Hyeseon; Mun, Dongseop
Format: Article
Language: English
Description
Summary: To prevent internal data leakage, database activity monitoring uses software agents to analyze protocol traffic over networks and to observe local database activities. However, the large size of data obtained from database activity monitoring has presented a significant barrier to effective monitoring and analysis of database activities. In this paper, we present database activity monitoring by means of a density-based outlier detection method and a commercial database activity monitoring solution. In order to provide efficient computing of outlier detection, we exploited a kd-tree index and an Approximated k-nearest neighbors (ANN) search method. By these means, the outlier computation time could be significantly reduced. The proposed methodology was successfully applied to a very large log dataset collected from the Korea Atomic Energy Research Institute (KAERI). The results showed that the proposed method can effectively detect outliers of database activities in a shorter computation time.
ISSN: 1387-3326, 1572-9419
DOI: 10.1007/s10796-010-9266-9