This document proposes using role-based access control (RBAC) to improve database intrusion detection. It discusses how RBAC restricts access to databases based on user roles. Administrators who access sensitive attributes would have their audit logs mined to determine attribute sensitivity. This information could then be used to detect intrusions using fewer rules. The document outlines the RBAC model and relationships between users, jobs, and access. It also describes implementing RBAC in 6 steps and using a formula to represent the RBAC access control process to better secure database attributes and detect intrusions.
Requirement Based Intrusion Detection in Addition to Prevention Via Advanced ...journal ijrtem
An intrusion detection system (IDS) is designed to monitor all inbound and outbound network
activity and identify any suspicious patterns that may indicate a network or system attack from someone
attempting to break into or compromise a system. IDS is considered to be a passive-monitoring system, since the
main function of an IDS product is to warn you of suspicious activity taking place − not prevent them. An IDS
essentially reviews your network traffic and data and will identify probes, attacks, exploits and other
vulnerabilities. IDSs can respond to the suspicious event in one of several ways, which includes displaying an
alert, logging the event or even paging an administrator. In some cases, the IDS may be prompted to reconfigure
the network to reduce the effects of the suspicious intrusion. The proposed protocol called Password Guessing
Resistant Protocol (PGRP), helps in preventing such attacks and provides a pleasant login experience for
legitimate users. PGRP limits the number of login attempts for unknown users. In additional we propose an attack
detector for cloud spoofing that utilizes MAC (Media access Control) and RSS (Received Signal strength) analysis.
Next, we describe how we integrated our attack detector into a real-time indoor localization system, which is also
capable of localizing the positions of the attackers
International Refereed Journal of Engineering and Science (IRJES) irjes
International Refereed Journal of Engineering and Science (IRJES)
Ad hoc & sensor networks, Adaptive applications, Aeronautical Engineering, Aerospace Engineering
Agricultural Engineering, AI and Image Recognition, Allied engineering materials, Applied mechanics,
Architecture & Planning, Artificial intelligence, Audio Engineering, Automation and Mobile Robots
Automotive Engineering….
Requirement Based Intrusion Detection in Addition to Prevention Via Advanced ...journal ijrtem
An intrusion detection system (IDS) is designed to monitor all inbound and outbound network
activity and identify any suspicious patterns that may indicate a network or system attack from someone
attempting to break into or compromise a system. IDS is considered to be a passive-monitoring system, since the
main function of an IDS product is to warn you of suspicious activity taking place − not prevent them. An IDS
essentially reviews your network traffic and data and will identify probes, attacks, exploits and other
vulnerabilities. IDSs can respond to the suspicious event in one of several ways, which includes displaying an
alert, logging the event or even paging an administrator. In some cases, the IDS may be prompted to reconfigure
the network to reduce the effects of the suspicious intrusion. The proposed protocol called Password Guessing
Resistant Protocol (PGRP), helps in preventing such attacks and provides a pleasant login experience for
legitimate users. PGRP limits the number of login attempts for unknown users. In additional we propose an attack
detector for cloud spoofing that utilizes MAC (Media access Control) and RSS (Received Signal strength) analysis.
Next, we describe how we integrated our attack detector into a real-time indoor localization system, which is also
capable of localizing the positions of the attackers
International Refereed Journal of Engineering and Science (IRJES) irjes
International Refereed Journal of Engineering and Science (IRJES)
Ad hoc & sensor networks, Adaptive applications, Aeronautical Engineering, Aerospace Engineering
Agricultural Engineering, AI and Image Recognition, Allied engineering materials, Applied mechanics,
Architecture & Planning, Artificial intelligence, Audio Engineering, Automation and Mobile Robots
Automotive Engineering….
The Constrained Method of Accessibility and Privacy Preserving Of Relational ...IJERA Editor
Now in organizations or companies maximum information or data available and that data are related to tabular
form means relational database. Sometimes organization wanted to distribute that particular information or data
in within organization or other organization in daily basis. Here the thing is that the organization faces the some
kind of problems of security related because they distributed that information for its purposes and here
sometimes organization wanted that particular information will be modified or upgraded, Now they can used
numbers of methods or technics for encryption and electronic signatures for given a security and protection of
that particular data in during transmission network. In that protection of that protection used various different
mechanisms and strong methods for accessing that specific that particular data or information. It is very well
known that current or today the proper data must take as access control polices. Also some kind of methods for
CIA towards database system must be adopted
Abstraction and Automation: A Software Design Approach for Developing Secure ...iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM csandit
Adaptive authentication is a risk-based authentication that identifies high-risk and suspicious
illegitimate login attempts. User past login records which implicitly contains attribute factors
context information are used to establish user behavior profile. Later if the user logins under
different environmental context from that established profile, the identity of the user may be
questioned. The system may challenge the user to present additional authentication method to
get authenticated. We implemented such adaptive authentication system in our production
server and collected user login records for more than six months. In this paper, we presents the
analysis of the user login profile with regards to attribute factors such as geographical location
and time of login. We also developed testbed system that uses the collected real data to evaluate
the system for different ratio threshold values.
For more course tutorials visit
www.newtonhelp.com
CST 610 Project 1 Information Systems and Identity Management
CST 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux)
CST 610 Project 3 Assessing Information System Vulnerabilities and Risk
Distributed and Typed Role-based Access Control Mechanisms Driven by CRUD Exp...ijcsta
Business logics of relational databases applications are an important source of security violations, namely in respect
to access control. The situation is particularly critical when access control policies are many and complex. In these
cases, programmers of business logics can hardly master the established access control policies. Now we consider
situations where business logics are built with tools such as JDBC and ODBC. These tools convey two sources of
security threats: 1) the use of unauthorized Create, Read, Update and Delete (CRUD) expressions and also 2) the
modification of data previously retrieved by Select statements. To overcome this security gap when Role-based
access control policies are used, we propose an extension to the basic model in order to control the two sources
of security threats. Finally, we present a software architectural model from which distributed and typed RBAC
mechanisms are automatically built, this way relieving programmers from mastering any security schema. We
demonstrate empirical evidence of the effectiveness of our proposal from a use case based on Java and JDBC.
This paper deals with the risk assessment of different types of electronics and mobile payment systems as well as the countermeasures to mitigate the identified risk in various electronics and mobile payment synthesis.
C RITICAL A SSESSMENT OF A UDITING C ONTRIBUTIONS T O E FFECTIVE AND E FF...csandit
Database auditing has become a very crucial aspect
of security as organisations increase their
adoption of database management systems (DBMS) as m
ajor asset that keeps, maintain and
monitor sensitive information. Database auditing is
the group of activities involved in observing
a set of stored data in order to be aware of the ac
tions of users. The work presented here
outlines the main auditing techniques and methods.
Some architectural based auditing systems
were also considered to assess the contribution of
auditing to database security. Here a
framework of several stages to be used in the insti
gation of auditing is proposed. Some issues
relating to handling of audit trails are also discu
ssed in this paper. This paper also itemizes
some of the key important impacts of the concept to
security and how compliance with
government policies and regulations is enforced thr
ough auditing. Once the framework is
adopted, it will provide support to database audito
rs and DBAs.
Enhancing security features in cloud computing for healthcare using cipher an...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Enhancing security features in cloud computing for healthcare using cipher an...eSAT Journals
Abstract Health Care is the most important unindustrialized field. Cloud is an emerging trend in software industry. In medical field, there are large dataset comprising highly sensitive data about patient’s medical records. Based on these records, diagnosis for the patient will be given. Moving data to the cloud makes to explore a large information for diagnosis as expert documentation will also be stored as part of health record. Physicians from anywhere at any time can get access over these reports for better treatment. The Medicare industry vacillates to store these data to the cloud as the patients might feel insecure about their health records. This work introduces the idea of combining Cipher Cloud, Inter Cloud and ABE schemes, proposes an innovative method to enhance security features in the cloud by double encryption using algorithms and tools. By this, only authorized entities are proficient of accessing these records. Rather than storing data in single cloud, Inter Cloud (Multi-cloud) also adds advantage for our proposed work. Keywords: Virtualization, Cipher cloud, Trust, Encryption, Inter cloud
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
International Journal of Engineering Inventions (IJEI) provides a multidisciplinary passage for researchers, managers, professionals, practitioners and students around the globe to publish high quality, peer-reviewed articles on all theoretical and empirical aspects of Engineering and Science.
The peer-reviewed International Journal of Engineering Inventions (IJEI) is started with a mission to encourage contribution to research in Science and Technology. Encourage and motivate researchers in challenging areas of Sciences and Technology.
An Enhancement Role and Attribute Based Access Control Mechanism in Big Data IJECEIAES
To be able to leverage big data to achieve enhanced strategic insight and make informed decision, an efficient access control mechanism is needed for ensuring end to end security of such information asset. Attribute Based Access Control (ABAC), Role Based Access Control (RBAC) and Event Based Access Control (EBAC) are widely used access control mechanisms. The ABAC system is much more complex in terms of policy reviews, hence analyzing the policy and reviewing or changing user permission are quite complex task. RBAC system is labor intensive and time consuming to build a model instance and it lacks flexibility to efficiently adapt to changing user’s, objects and security policies. EBAC model considered only the events to allocate access controls. Yet these mechanisms have limitations and offer feature complimentary to each other. So in this paper, Event-Role-Attribute based fine grained Access Control mechanism is proposed, it provide a flexible boundary which effectively adapt to changing user’s, objects and security policies based on the event. The flexible boundary is achieved by using temporal and environment state of an event. It improves the big data security and overcomes the disadvantages of the ABAC and RBAC mechanisms. The experiments are conducted to prove the effectiveness of the proposed Event-Role-Attribute based Access Control mechanism over ABAC and RBAC in terms of computational overhead.
3/12/2019 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=043902cf-f693-4caf-93d5-0ab98b9f46b9&course_id… 1/3
%50
%19
%2
SafeAssign Originality Report
Database Security - 201930 - CRN160 - Thota • Week 8 Paper
%71Total Score: High riskPratibha Sugureddygari
Submission UUID: b0b91467-9346-6662-c8c8-6d32b50133c4
Total Number of Reports
1
Highest Match
71 %
Submission_Text.html
Average Match
71 %
Submitted on
03/10/19
10:12 PM EDT
Average Word Count
670
Highest: Submission_Text.html
%71Attachment 1
Institutional database (6)
Student paperStudent paper Student paperStudent paper Student paperStudent paper
Student paperStudent paper Student paperStudent paper Student paperStudent paper
Internet (4)
oracle-baseoracle-base ugentugent oracleoracle
oracleoracle
Global database (1)
Student paperStudent paper
Top sources (3)
Excluded sources (0)
View Originality Report - Old Design
Word Count: 670
Submission_Text.html
33 11 22
44 1010 88
99 1111 77
55
66
33 Student paperStudent paper 11 Student paperStudent paper 99 oracle-baseoracle-base
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport?attemptId=043902cf-f693-4caf-93d5-0ab98b9f46b9&course_id=_43338_1&download=true&includeDeleted=true&print=true&force=true
3/12/2019 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=043902cf-f693-4caf-93d5-0ab98b9f46b9&course_id… 2/3
Source Matches (19)
Student paper 100%
Student paper 65%
Student paper 71%
Student paper 62%
AUDIT_ADMIN and AUDIT_VIEWER
To start with, auditing is the monitoring and recording of configured database actions form both the users of the database as well as the database non-users.
The actions of the database users are known through database auditing. Database administrators set up the auditing for the sake of security purposes so that
users are not able to access information without permission. Therefore, database auditing helps in keeping a check on the actions of the database of the users.
The users who are accepted in the through the client _identifier attribute in the database are referred to as the non-database users. Auditing this type of users
unified audit policy condition or Oracle database real application security is used.
There are many advantages associated with auditing. Firstly, Auditing is important in that it allows accountability for actions such as actions taken on the schema,
table, or row which affects specific content (Groomer, & Murthy, 2018). Secondly, it helps in deterring intruders or users from inappropriate actions based on
their accountability. Thirdly, auditing notifies auditors of actions of an authorized user for instance when an intruder changes or deletes any file or if an operator has
extra rights than anticipated. Lastly, auditing helps in data monitoring and data gathering concerning a particular event .
The Constrained Method of Accessibility and Privacy Preserving Of Relational ...IJERA Editor
Now in organizations or companies maximum information or data available and that data are related to tabular
form means relational database. Sometimes organization wanted to distribute that particular information or data
in within organization or other organization in daily basis. Here the thing is that the organization faces the some
kind of problems of security related because they distributed that information for its purposes and here
sometimes organization wanted that particular information will be modified or upgraded, Now they can used
numbers of methods or technics for encryption and electronic signatures for given a security and protection of
that particular data in during transmission network. In that protection of that protection used various different
mechanisms and strong methods for accessing that specific that particular data or information. It is very well
known that current or today the proper data must take as access control polices. Also some kind of methods for
CIA towards database system must be adopted
Abstraction and Automation: A Software Design Approach for Developing Secure ...iosrjce
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
ADAPTIVE AUTHENTICATION: A CASE STUDY FOR UNIFIED AUTHENTICATION PLATFORM csandit
Adaptive authentication is a risk-based authentication that identifies high-risk and suspicious
illegitimate login attempts. User past login records which implicitly contains attribute factors
context information are used to establish user behavior profile. Later if the user logins under
different environmental context from that established profile, the identity of the user may be
questioned. The system may challenge the user to present additional authentication method to
get authenticated. We implemented such adaptive authentication system in our production
server and collected user login records for more than six months. In this paper, we presents the
analysis of the user login profile with regards to attribute factors such as geographical location
and time of login. We also developed testbed system that uses the collected real data to evaluate
the system for different ratio threshold values.
For more course tutorials visit
www.newtonhelp.com
CST 610 Project 1 Information Systems and Identity Management
CST 610 Project 2 Operating Systems Vulnerabilities (Windows and Linux)
CST 610 Project 3 Assessing Information System Vulnerabilities and Risk
Distributed and Typed Role-based Access Control Mechanisms Driven by CRUD Exp...ijcsta
Business logics of relational databases applications are an important source of security violations, namely in respect
to access control. The situation is particularly critical when access control policies are many and complex. In these
cases, programmers of business logics can hardly master the established access control policies. Now we consider
situations where business logics are built with tools such as JDBC and ODBC. These tools convey two sources of
security threats: 1) the use of unauthorized Create, Read, Update and Delete (CRUD) expressions and also 2) the
modification of data previously retrieved by Select statements. To overcome this security gap when Role-based
access control policies are used, we propose an extension to the basic model in order to control the two sources
of security threats. Finally, we present a software architectural model from which distributed and typed RBAC
mechanisms are automatically built, this way relieving programmers from mastering any security schema. We
demonstrate empirical evidence of the effectiveness of our proposal from a use case based on Java and JDBC.
This paper deals with the risk assessment of different types of electronics and mobile payment systems as well as the countermeasures to mitigate the identified risk in various electronics and mobile payment synthesis.
C RITICAL A SSESSMENT OF A UDITING C ONTRIBUTIONS T O E FFECTIVE AND E FF...csandit
Database auditing has become a very crucial aspect
of security as organisations increase their
adoption of database management systems (DBMS) as m
ajor asset that keeps, maintain and
monitor sensitive information. Database auditing is
the group of activities involved in observing
a set of stored data in order to be aware of the ac
tions of users. The work presented here
outlines the main auditing techniques and methods.
Some architectural based auditing systems
were also considered to assess the contribution of
auditing to database security. Here a
framework of several stages to be used in the insti
gation of auditing is proposed. Some issues
relating to handling of audit trails are also discu
ssed in this paper. This paper also itemizes
some of the key important impacts of the concept to
security and how compliance with
government policies and regulations is enforced thr
ough auditing. Once the framework is
adopted, it will provide support to database audito
rs and DBAs.
Enhancing security features in cloud computing for healthcare using cipher an...eSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Enhancing security features in cloud computing for healthcare using cipher an...eSAT Journals
Abstract Health Care is the most important unindustrialized field. Cloud is an emerging trend in software industry. In medical field, there are large dataset comprising highly sensitive data about patient’s medical records. Based on these records, diagnosis for the patient will be given. Moving data to the cloud makes to explore a large information for diagnosis as expert documentation will also be stored as part of health record. Physicians from anywhere at any time can get access over these reports for better treatment. The Medicare industry vacillates to store these data to the cloud as the patients might feel insecure about their health records. This work introduces the idea of combining Cipher Cloud, Inter Cloud and ABE schemes, proposes an innovative method to enhance security features in the cloud by double encryption using algorithms and tools. By this, only authorized entities are proficient of accessing these records. Rather than storing data in single cloud, Inter Cloud (Multi-cloud) also adds advantage for our proposed work. Keywords: Virtualization, Cipher cloud, Trust, Encryption, Inter cloud
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
International Journal of Engineering Inventions (IJEI) provides a multidisciplinary passage for researchers, managers, professionals, practitioners and students around the globe to publish high quality, peer-reviewed articles on all theoretical and empirical aspects of Engineering and Science.
The peer-reviewed International Journal of Engineering Inventions (IJEI) is started with a mission to encourage contribution to research in Science and Technology. Encourage and motivate researchers in challenging areas of Sciences and Technology.
An Enhancement Role and Attribute Based Access Control Mechanism in Big Data IJECEIAES
To be able to leverage big data to achieve enhanced strategic insight and make informed decision, an efficient access control mechanism is needed for ensuring end to end security of such information asset. Attribute Based Access Control (ABAC), Role Based Access Control (RBAC) and Event Based Access Control (EBAC) are widely used access control mechanisms. The ABAC system is much more complex in terms of policy reviews, hence analyzing the policy and reviewing or changing user permission are quite complex task. RBAC system is labor intensive and time consuming to build a model instance and it lacks flexibility to efficiently adapt to changing user’s, objects and security policies. EBAC model considered only the events to allocate access controls. Yet these mechanisms have limitations and offer feature complimentary to each other. So in this paper, Event-Role-Attribute based fine grained Access Control mechanism is proposed, it provide a flexible boundary which effectively adapt to changing user’s, objects and security policies based on the event. The flexible boundary is achieved by using temporal and environment state of an event. It improves the big data security and overcomes the disadvantages of the ABAC and RBAC mechanisms. The experiments are conducted to prove the effectiveness of the proposed Event-Role-Attribute based Access Control mechanism over ABAC and RBAC in terms of computational overhead.
3/12/2019 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=043902cf-f693-4caf-93d5-0ab98b9f46b9&course_id… 1/3
%50
%19
%2
SafeAssign Originality Report
Database Security - 201930 - CRN160 - Thota • Week 8 Paper
%71Total Score: High riskPratibha Sugureddygari
Submission UUID: b0b91467-9346-6662-c8c8-6d32b50133c4
Total Number of Reports
1
Highest Match
71 %
Submission_Text.html
Average Match
71 %
Submitted on
03/10/19
10:12 PM EDT
Average Word Count
670
Highest: Submission_Text.html
%71Attachment 1
Institutional database (6)
Student paperStudent paper Student paperStudent paper Student paperStudent paper
Student paperStudent paper Student paperStudent paper Student paperStudent paper
Internet (4)
oracle-baseoracle-base ugentugent oracleoracle
oracleoracle
Global database (1)
Student paperStudent paper
Top sources (3)
Excluded sources (0)
View Originality Report - Old Design
Word Count: 670
Submission_Text.html
33 11 22
44 1010 88
99 1111 77
55
66
33 Student paperStudent paper 11 Student paperStudent paper 99 oracle-baseoracle-base
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport?attemptId=043902cf-f693-4caf-93d5-0ab98b9f46b9&course_id=_43338_1&download=true&includeDeleted=true&print=true&force=true
3/12/2019 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=043902cf-f693-4caf-93d5-0ab98b9f46b9&course_id… 2/3
Source Matches (19)
Student paper 100%
Student paper 65%
Student paper 71%
Student paper 62%
AUDIT_ADMIN and AUDIT_VIEWER
To start with, auditing is the monitoring and recording of configured database actions form both the users of the database as well as the database non-users.
The actions of the database users are known through database auditing. Database administrators set up the auditing for the sake of security purposes so that
users are not able to access information without permission. Therefore, database auditing helps in keeping a check on the actions of the database of the users.
The users who are accepted in the through the client _identifier attribute in the database are referred to as the non-database users. Auditing this type of users
unified audit policy condition or Oracle database real application security is used.
There are many advantages associated with auditing. Firstly, Auditing is important in that it allows accountability for actions such as actions taken on the schema,
table, or row which affects specific content (Groomer, & Murthy, 2018). Secondly, it helps in deterring intruders or users from inappropriate actions based on
their accountability. Thirdly, auditing notifies auditors of actions of an authorized user for instance when an intruder changes or deletes any file or if an operator has
extra rights than anticipated. Lastly, auditing helps in data monitoring and data gathering concerning a particular event .
Investigation on Revocable Fine-grained Access Control Scheme for Multi-Autho...IJCERT JOURNAL
Cloud computing is one of the emerge technologies in order to outsource huge volume of data inters of storage and sharing. To protect the data and privacy of users the access control methods ensure that authorized users access the data and the system. Fine grained-approach is the appropriate method for data access control in cloud storage. However, CP-ABE schemes to data access control for cloud storage systems are difficult because of the attribute revocation problem. Specifically, in this paper we investigate on revocable multi-authority Fine-grained-Scheme performance.
Requirement Based Intrusion Detection in Addition to Prevention Via Advanced ...IJRTEMJOURNAL
An intrusion detection system (IDS) is designed to monitor all inbound and outbound network
activity and identify any suspicious patterns that may indicate a network or system attack from someone
attempting to break into or compromise a system. IDS is considered to be a passive-monitoring system, since the
main function of an IDS product is to warn you of suspicious activity taking place − not prevent them. An IDS
essentially reviews your network traffic and data and will identify probes, attacks, exploits and other
vulnerabilities. IDSs can respond to the suspicious event in one of several ways, which includes displaying an
alert, logging the event or even paging an administrator. In some cases, the IDS may be prompted to reconfigure
the network to reduce the effects of the suspicious intrusion. The proposed protocol called Password Guessing
Resistant Protocol (PGRP), helps in preventing such attacks and provides a pleasant login experience for
legitimate users. PGRP limits the number of login attempts for unknown users. In additional we propose an attack
detector for cloud spoofing that utilizes MAC (Media access Control) and RSS (Received Signal strength) analysis.
Next, we describe how we integrated our attack detector into a real-time indoor localization system, which is also
capable of localizing the positions of the attackers.
In an organization specifically as virtual as cloud there is need for access control systems to constrain
users direct or backhanded action that could lead to breach of security. In cloud, apart from owner access
to confidential data the third party auditing and accounting is done which could stir up further data leaks.
To control such data leaks and integrity, in past several security policies based on role, identity and user
attributes were proposed and found ineffective since they depend on static policies which do not monitor
data access and its origin. Provenance on the other hand tracks data usage and its origin which proves the
authenticity of data. To employ provenance in a real time system like cloud, the service provider needs to
store metadata on the subject of data alteration which is universally called as the Provenance Information.
This paper presents a provenance-policy based access control model which is designed and integrated with
the system that not only makes data auditable but also incorporates accountability for data alteration
events.
Comprehensive Analysis of Contemporary Information Security Challengessidraasif9090
this could involve clicking on a designated upload button, dragging and dropping files into a specific area, or selecting files from a file explorer window.
Supported File Types: Specify which types of documents can be uploaded to the platform. This might include common formats such as PDFs, Word documents, Excel spreadsheets, images (JPG, PNG, etc.), and others.
A USER PROFILE BASED ACCESS CONTROL MODEL AND ARCHITECTUREIJCNC
Personalization and adaptation to the user profile capability are the hottest issues to ensure ambient
assisted living and context awareness in nowadays environments. With the growing healthcare and
wellbeing context aware applications, modeling security policies becomes an important issue in the
design of future access control models. This requires rich semantics using ontology modeling for the
management of services provided to dependant people. However, current access control models remain
unsuitable due to lack of personalization, adaptability and smartness to the handicap situation.
Immunizing Image Classifiers Against Localized Adversary Attacksgerogepatton
This paper addresses the vulnerability of deep learning models, particularly convolutional neural networks
(CNN)s, to adversarial attacks and presents a proactive training technique designed to counter them. We
introduce a novel volumization algorithm, which transforms 2D images into 3D volumetric representations.
When combined with 3D convolution and deep curriculum learning optimization (CLO), itsignificantly improves
the immunity of models against localized universal attacks by up to 40%. We evaluate our proposed approach
using contemporary CNN architectures and the modified Canadian Institute for Advanced Research (CIFAR-10
and CIFAR-100) and ImageNet Large Scale Visual Recognition Challenge (ILSVRC12) datasets, showcasing
accuracy improvements over previous techniques. The results indicate that the combination of the volumetric
input and curriculum learning holds significant promise for mitigating adversarial attacks without necessitating
adversary training.
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Dr.Costas Sachpazis
Terzaghi's soil bearing capacity theory, developed by Karl Terzaghi, is a fundamental principle in geotechnical engineering used to determine the bearing capacity of shallow foundations. This theory provides a method to calculate the ultimate bearing capacity of soil, which is the maximum load per unit area that the soil can support without undergoing shear failure. The Calculation HTML Code included.
Industrial Training at Shahjalal Fertilizer Company Limited (SFCL)MdTanvirMahtab2
This presentation is about the working procedure of Shahjalal Fertilizer Company Limited (SFCL). A Govt. owned Company of Bangladesh Chemical Industries Corporation under Ministry of Industries.
Overview of the fundamental roles in Hydropower generation and the components involved in wider Electrical Engineering.
This paper presents the design and construction of hydroelectric dams from the hydrologist’s survey of the valley before construction, all aspects and involved disciplines, fluid dynamics, structural engineering, generation and mains frequency regulation to the very transmission of power through the network in the United Kingdom.
Author: Robbie Edward Sayers
Collaborators and co editors: Charlie Sims and Connor Healey.
(C) 2024 Robbie E. Sayers
Welcome to WIPAC Monthly the magazine brought to you by the LinkedIn Group Water Industry Process Automation & Control.
In this month's edition, along with this month's industry news to celebrate the 13 years since the group was created we have articles including
A case study of the used of Advanced Process Control at the Wastewater Treatment works at Lleida in Spain
A look back on an article on smart wastewater networks in order to see how the industry has measured up in the interim around the adoption of Digital Transformation in the Water Industry.
CFD Simulation of By-pass Flow in a HRSG module by R&R Consult.pptxR&R Consult
CFD analysis is incredibly effective at solving mysteries and improving the performance of complex systems!
Here's a great example: At a large natural gas-fired power plant, where they use waste heat to generate steam and energy, they were puzzled that their boiler wasn't producing as much steam as expected.
R&R and Tetra Engineering Group Inc. were asked to solve the issue with reduced steam production.
An inspection had shown that a significant amount of hot flue gas was bypassing the boiler tubes, where the heat was supposed to be transferred.
R&R Consult conducted a CFD analysis, which revealed that 6.3% of the flue gas was bypassing the boiler tubes without transferring heat. The analysis also showed that the flue gas was instead being directed along the sides of the boiler and between the modules that were supposed to capture the heat. This was the cause of the reduced performance.
Based on our results, Tetra Engineering installed covering plates to reduce the bypass flow. This improved the boiler's performance and increased electricity production.
It is always satisfying when we can help solve complex challenges like this. Do your systems also need a check-up or optimization? Give us a call!
Work done in cooperation with James Malloy and David Moelling from Tetra Engineering.
More examples of our work https://www.r-r-consult.dk/en/cases-en/
Hybrid optimization of pumped hydro system and solar- Engr. Abdul-Azeez.pdffxintegritypublishin
Advancements in technology unveil a myriad of electrical and electronic breakthroughs geared towards efficiently harnessing limited resources to meet human energy demands. The optimization of hybrid solar PV panels and pumped hydro energy supply systems plays a pivotal role in utilizing natural resources effectively. This initiative not only benefits humanity but also fosters environmental sustainability. The study investigated the design optimization of these hybrid systems, focusing on understanding solar radiation patterns, identifying geographical influences on solar radiation, formulating a mathematical model for system optimization, and determining the optimal configuration of PV panels and pumped hydro storage. Through a comparative analysis approach and eight weeks of data collection, the study addressed key research questions related to solar radiation patterns and optimal system design. The findings highlighted regions with heightened solar radiation levels, showcasing substantial potential for power generation and emphasizing the system's efficiency. Optimizing system design significantly boosted power generation, promoted renewable energy utilization, and enhanced energy storage capacity. The study underscored the benefits of optimizing hybrid solar PV panels and pumped hydro energy supply systems for sustainable energy usage. Optimizing the design of solar PV panels and pumped hydro energy supply systems as examined across diverse climatic conditions in a developing country, not only enhances power generation but also improves the integration of renewable energy sources and boosts energy storage capacities, particularly beneficial for less economically prosperous regions. Additionally, the study provides valuable insights for advancing energy research in economically viable areas. Recommendations included conducting site-specific assessments, utilizing advanced modeling tools, implementing regular maintenance protocols, and enhancing communication among system components.
NO1 Uk best vashikaran specialist in delhi vashikaran baba near me online vas...Amil Baba Dawood bangali
Contact with Dawood Bhai Just call on +92322-6382012 and we'll help you. We'll solve all your problems within 12 to 24 hours and with 101% guarantee and with astrology systematic. If you want to take any personal or professional advice then also you can call us on +92322-6382012 , ONLINE LOVE PROBLEM & Other all types of Daily Life Problem's.Then CALL or WHATSAPP us on +92322-6382012 and Get all these problems solutions here by Amil Baba DAWOOD BANGALI
#vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore#blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #blackmagicforlove #blackmagicformarriage #aamilbaba #kalajadu #kalailam #taweez #wazifaexpert #jadumantar #vashikaranspecialist #astrologer #palmistry #amliyaat #taweez #manpasandshadi #horoscope #spiritual #lovelife #lovespell #marriagespell#aamilbabainpakistan #amilbabainkarachi #powerfullblackmagicspell #kalajadumantarspecialist #realamilbaba #AmilbabainPakistan #astrologerincanada #astrologerindubai #lovespellsmaster #kalajaduspecialist #lovespellsthatwork #aamilbabainlahore #Amilbabainuk #amilbabainspain #amilbabaindubai #Amilbabainnorway #amilbabainkrachi #amilbabainlahore #amilbabaingujranwalan #amilbabainislamabad
1. DATABASE INTRUSION DETECTION USING
ROLE BASED ACCESS CONTROL
SYSTEM
Mrs. ANTONY VIGIL MRINALINI SHRIDHAR R OVIYA
ASSISTANT PROFESSOR STUDENT STUDENT
SRM UNIVERSITY SRM UNIVERSITY SRM UNIVERSITY
ABSTRACT- In this paper, we propose a different
approach for the database intrusion detection
(IDS). Database Management (DBMS) has
become a key criteria in the information system
(IS) storing valuable information of the system.
We are urged to protect it to the fullest without
losing any bit of information. Intrusion detection,
which gathers and analyses the information
system was one of the methods which protects the
database the fullest with all sorts of rules. In this
paper, we move into the Role based Access
Control (RBAC) system which controls the
administered databases for finding out sensitive
attributes of the system dynamically. Role based
Access Control is a method to restrict system
access by authorized and unauthorized people
directly. The access is based on the roles of the
individual users within the organization.
Important roles like administrator, access
sensitive attributes and if their audit logs are
mined, then some useful information regarding
the attributes can be used. This will help to decide
the sensitivity of the attributes. Since the models
of the database intrusion detection has proposed a
lot of rules , it is time to change the system to
protect it more evidently with less rules and
regulations which would be useful for detecting all
sorts of transactions.
Keywords: Database intrusion detection, Role
based access control system, Administered
database, Audit logs, Sensitive and attributes.
1.INTRODUCTION
In past years, Database Management System
(DBMS) have become an indispensible part of the
life of the organizers and the users using it. Hence it
was the primary priority to safeguard the DBMS, no
matter how easy or difficult it was. The motive of the
researches was first based on these ideas of
protecting the DBMS and to prevent the leakage of
data. The past years, Authentication user privileges ,
Auditing, Encryption and lots of methods have been
used to protect the data and the system. Amending all
the above methods, newer methods have come up to
protect the same for daily operations and decision
making in organizations. Database is a group or
collection of data's which may contain valuable and
sensitive information about the institution and
organization, which is accessed by the people of the
organization internally and externally every day.
Any leak of information in these systems
will devastate the whole database system and the
data's, leading to a great loss. Hence the data need to
be protected and secured. The recent models of
protection of DBMS were the dynamic threshold
method and the data mining method of Intrusion
detection system. Intrusion detection method is a
process which analyses the unauthorized access and
malicious behaviors and finds intrusion behaviors
and attempts by detecting the state and activity of an
operating system to provide an effective means for
intrusion defend. In this paper, we will see how
RBAC will help us to protect the database along with
the intrusion detection with limited rules.
RBAC- Role based access control, also
known as role based security is a method to restrict
access of just one user, and also many users
depending on the role of the users. The roles are
prioritized like Example: Administrators access
sensitive attributes and the DBMS and its attributes
can be used. RBAC is a rich technology for
authentication privileges and controlling the access of
the information and data. It makes the administration
of the security (work) much easier and simpler,
though the process may be tedious and little vast. The
possibility of adding newer application inside the
secured system is much easier with the different
access control mechanism. Extracting the data from
the protected information system is much easier only
by an authorized person. Talking about the sensitivity
of the attributes we will have to refine the audit log
to extract the data attributes.
In the past few years computer crime and
security survey conducted by the Computer Security
Institute(CSI) have seen a lot of drastic improvement
73
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
2nd INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH
ISBN : 378 - 26 - 138420 - 6
www.iaetsd.in
2. in both the aspects ,but only thing was that there need
to be a lot of adjustments in the rules given by each
model. We are in the scoop of improving the
database system and protecting it. In 2005, about
45% of the inquired entities have reported increased
unauthorized access to information due to the poor
system management. In 2007, financial application
fraud was the leading cause and found it double as
compared to the previous year also 59% of the
respondents outlined insider abuse as the security
problem. In 2013, survey the number has dropped
down and the security was much more than the past
few years. The statistics being, the percentage threats
due to insiders has been dropped to 20% and the
financial fraud which was a cause before were
eliminated in the upcoming years. Now only 10-20%
are reported as unauthorized users. This shows that
the database security has been improving day to day
and researches have been conducted every time a
model is proposed before implementing to action.
2.ROLE BASED ACCESS CONTROL MODEL
The Role based access control model
proposes 3 relationships between the attributes given.
They are:
a) USER-JOB: Which defines the relationship
between the user and the task defined in that system.
b) JOB-ACCESS: Which defines the relationship
between the job or the task of the person and the
access to that particular work.
c) JOB-JOB: Which defines the job to job
relationship between the users.
Now defining each attribute of the model we
have the users of an organization represents an
organizer or an agent of that field. The task or the job
represents the responsibility or the functioning of the
user within the organization. The access represents
the approval or a permission to that particular task or
event of that organization. The sessions box
represents the overall relationship between the user
and the task the contribution both has in the RBAC
model. It does not point towards the access field as
the access field is directed only by the task the user
performs. Constraints represent the limitations or the
boundary of each entity of that data that is, the user,
task or job, access as well as the relationship between
them is also restricted. The sessions represent the
Divide and rule mechanism of the RBAC model. The
fig 2 and 1 are interlinked process and each step of
the data flow diagram will implement the following
attributes of the user.
FIG 1. MODEL OF RBAC
3.RELATED WORKS
RBAC supports three well known principles and
hence we work out our plan in 3 steps:
1. Principle of minimal authority
2. Divide and rule method of duties
3. Data abstraction
Data secured
Authorization access
FIG 2. DATA FLOW DIAGRAM
The sensitivity of an attribute is based on
the database application. We have to divide the
attributes into 3 divisions so as to protect the
attributes according to the sensitivity or the position
order they hold. Sensitivity refers to the position
order a data has to be protected. If the data are least
sensitive we can give it minimal protection. If the
data are highly sensitive in the attribute set we need
Principle of minimal authority
User
Divide and rule method
Data abstraction
Data
USERS TASK /JOB ACCESS
SESSIONS
CONSTRAINTS
74
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
2nd INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH
ISBN : 378 - 26 - 138420 - 6
www.iaetsd.in
3. to protect it to the fullest. In some schematics we are
not able to tell whether the data is sensitive or not. To
give a clear picture of the attributes we have taken
the Student Database Schema.
TABLE 1.TEACHER'S SALARY DATABASE
SCHEMA
TABLE NAME ATTRIBUTE NAME
STAFF
Name [i], Staff-id [j], Address
[d], Phone no [a]
ACCOUNT
Account-id [b], Staff-id [c],
Status [g], Month [e], Year [f],
Amount [h]
SALARY TYPE
Salary-type [k], LOP and
Deductions [l]
TABLE 2. TYPES OF SENSITIVE ATTRIBUTES
SENSITIVITY ATTRIBUTE WEIGHTS
Light
sensitivity
a, b, c, d, i, ,j ,k I
Medium
sensitivity
e, f II
High sensitivity g, h, l III
The sensitivity of the attributes can also be
given by the entity-relationship model [E-R]. But
with relation to the RBAC model , an administrator is
required to control the database for its sensitivity. It
is a perception of the real world. It is the
diagrammatic representation of how the attributes are
considered. The * represents if the attributes are
sensitive or not. The model represents a collection of
entities or data's and the contribution to the system.
To maintain the account and the staff system we need
a main administrator. Hence the RBAC system
proposed in this E-R model .Thus E-R model is
modified as:
GETS
FIG 3.RBAC MODEL USING E-R MODEL
a) Principal of minimal authority- Also known as
the principle of least privilege means that the access
to the information system or its resources for only its
own legitimate purpose by every user or the module.
In simple words, we can say that an authorized user
can access that information system or the resource
only for their own privileged purpose. Privileged/
Authority refers to the right a user has or granting
access to the user to use a particular system. For
example, the user defined in its domain can access
only its domain and its attributes. The person
accessing a bank account can go through only their
bank procedures and account. The system does not
access or grant permission to access other accounts.
Similarly an admin user accessing a computer can go
into only the admin user account all other password
accounts are blocked for the admin user.
b)Divide and rule method of duties- it can also be
termed as the separation of duties among the users. It
helps the task to be completed faster. A mutual
exclusive role is achieved to complete a particular set
of task. RBAC brings this advantage of time
management. the database is secured as well as the
data are given to the authorized people easily with
security.
c)Data abstraction- Data abstraction is a simple
concept of accessing the data whenever we want to
but with the permission of authorized people. It has
different modes to it.
STAFF + ACCOUNT + SALARY TYPE =
ACCOUNTS ADMINISTRATOR
NAME* STAFF ID* ADDRESS*
STAFF
ACCOUNT
ACC ID* AMT DEPOSIT*** STATUS**
ACCOUNTS
Administrator
75
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
2nd INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH
ISBN : 378 - 26 - 138420 - 6
www.iaetsd.in
4. i)Public Mode- The access to the data by
any user of the domain, but limited to a particular
organization. This requires a common security where
only the users of the organization can access it.
ii)Private Mode- The access of the data is
limited only to the key user of that particular search
of interest. That is only the accountants can handle
the accounts of the organization and hence access to
that particular class is given only to that particular
user. A manager accessing the accounts of the
company will be denied from accessing it.
iii)Protected Mode- The user in that
particular domain and the senior user that is one or
maximum two users who has to write to access that
domain can access it with ease. Example only the
accountants and the chief of the company can check
the accounts of hat particular institution and make
changes in that. The others have no right to access
these without their permission. For the others the
domain remains in blocked state.
4. IMPLEMENTATION
RBAC is a complex system that involves a
strategic process prepared by an expertise. RBAC is
best implemented by applying a structured and
detailed procedure. The use of divide and rule
method is very essential to implement these process.
Each task or step is broken down into sub tasks for
the work and implementation to be easier and more
efficient. The steps involved are:
FIG 4.PROCESS
a)Develop Plans- To make best use of RBAC we can
develop and plan for the RBAC system into best
work in an organization or for a project's security of
data. Example to extract the maximum security from
RBAC a development plan including a project, etc.
should be developed along with the deadline , budget
etc.
b)Compile- This step involves the collection and
putting together of all data , files , projects, etc. so as
to identify the level of security needed to implement
it. Sensitivity of the attributes should be determined
so as to segregate and compile the system to one to
provide the highest security possible.
c)Define Roles- As we have discussed that operation
of database system is first best used only by the key
user or the important user of that organizer or a
system. Hence assigning a particular role to that
person for the easy access of the software to access
the data with ease and implement any kind of proper
change within the system.
d)Analyze- this is a main step for any kind of system
to know and to formulate RBAC. This would bring
about the betterment of the system so that the next
stage of implementation would be easier to execute.
Any changes needed in the system should be done in
this stage so that no further disputes arise at the later
stage.
e)Integrate- Before any problem occurs in the system
like system failure, we need to transfer each
application's security system to a centralized security
system so as to provide a secured companywide
information access. this would be the last step of the
process and would be the final stage without making
any changes.
e)Implement- To put forth whatever we have
executed these many steps without any errors or any
types of problems. These are the best ways to protect
a data from the external user.
Thus refining the system and protecting it
according to the steps followed would give a better
result. Always the principle of divide and rule
method is followed in RBAC which is the key
principle of the system.
5.PROCESS USING A FORMULAE
Each datum is a process streamline flow of
information which is guarded by security. These
syntaxes along with the formula help in the security
purpose. This formula was implemented in the Web
Based technology, now it is time to implement it in
Database to ensure its safety.
DEVELOP PLANS
COMPILE
DEFINE ROLES
ANALYSE
INTERGRATE
IMPLEMENT
76
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
2nd INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH
ISBN : 378 - 26 - 138420 - 6
www.iaetsd.in
5. Syntax:
For the above E-R diagram of the process ,the
interaction between the staff salary and the account
we can create a formula based on the process.
The other way of representing it is to split the
process:
Where staff and the account have no
sensitivity and hence it's just an attribute of the
system, where as the other attribute- name, staff id,
phone, account, account id, amount deposited are the
inputs and the output is the status.
The two processes can be divided and then
later combined to form a single equation. If the
process needs to be changed or read or any other kind
of operations, they can be done by the given formula
which would be useful for the later run.
To calculate the sensitivity or to know the
sensitivity of the attributes, automatic capitalization
would be invoked to represent the highest sensitive
attributes in the given set of data or the formula
generated at the end of the process typed. The least
sensitive are given in small letters. The medium
sensitive might be in italic letters. The ones inside
brackets represents that it is a secured data and hence
it is the start of the process and that the data must be
protected fully. Hence we cannot find the sensitivity
of the attribute at the mid stage of the process. The
same process with a change to denote the sensitivity
is represented as :
The other way is:
P1=>| (staff)P| name(P).X | staff id(P).X | phone(P).X
P2=>| (account)P | account id(P).X | AMOUNT
DEPOSITED(P).X|STATUS(P).Y
P=>| P1||P2
Thus this formula would be easy for the
generation of large sets of data and to secure the data
and hence even if there is a small change in the
capitalization or the attributes or the brackets or any
syntax mistake there would be an error generated in
the system which would spoil the whole set of data.
This is done for just a small set of data. We can
proceed this for a huge one. An outsider seeing this
would not understand the type of data or the
importance of the data and hence would hesitate to
meddle with it.
6.CONCLUSION
Intrusion detection mechanism helps to
secure the data in an organization. In this paper we
have discussed in detail how the database could be
secured by using Role Based Access Control System.
The key benefits of RBAC are high efficiency and
low maintenance cost for any type of organization be
it big or small. Also RBAC system could be designed
and used to improve the operational performance and
strategic business value. This system could
streamline and automate any business procedures,
thus providing high/ better/ faster benefits to the user.
It also helps to maintain privacy and confidentially of
the employees in any organization. Thus we can
conclude that mission to protect any key business
process is a main vision of RBAC system in database
intrusion detection.
P=>0 no process
| P | P composition of the process
| O(P).X output value of the process, X is the
outcome.
| I(P).Y input value/ getting input from the
user of the process, Y is the input variable.
| !!I(P).Y repetition of the input variables.
P=> run the process
| D(P) main data or the attributes
| read(P) read the data or the attributes
| change(P) change the data or the attributes
P=>enable(R).D gives permission to R to
access a data
P=>disable(R)>D gives permission to R to
disable the data or remove or stop the process till R.
P=>| {(staff)P | name(P).X | staff id(P).X |
phone(P).X} || {(account)P | account id(P).X |
amount deposited(P).X | status(P).Y}
P1=>| (staff)P| name(P).X | staff id(P).X | phone(P).X
P2=>| (account)P | account id(P).X | amount
deposited(P).X | status(P) .Y
P=>| P1||P2
P=>| {(staff)P | name(P).X | staff id(P).X |
phone(P).X} || {(account)P | account id(P).X |
AMOUNT DEPOSITED(P).X | STATUS(P).Y}
77
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
2nd INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH
ISBN : 378 - 26 - 138420 - 6
www.iaetsd.in
6. REFERENCES
[1] Intrusion detection database system with dynamic
threshold value By Khomlal sinha and Tripti Sharma
[2] Database Intrusion Detection using Weighted
Sequence Mining Abhinav Srivastava1, Shamik Sural1 and
A.K. Majumdar2
[3] J. Han, M. Kamber, Data Mining: Concepts and
Techniques, Morgan Kaufmann Publishers (2001).
[4] U. Fayyad, G. P. Shapiro, P. Smyth, The KDD Process
for Extracting Useful Knowledge from Volumes of Data,
Communications of the ACM, pp. 27-34 (1996).
[5] R. Bace, P. Mell, Intrusion Detection System, NIST
Special Publication on Intrusion Detection System (2001).
[6] A. Srivastava, S. Sural, A.K. Majumdar, Weighted
Intratransactional Rule Mining for Database Intrusion
Detection, Lecture Notes in Artificial Intelligence, Springer
Verlag, Proceedings of Pacific-Asia Conference in
Knowledge Discovery and Data Mining, pp. 611-620
(2006).
[7] W. Lee, S.J. Stolfo, Data Mining Approaches for
Intrusion Detection, Proceedings of the USENIX Security
Symposium, pp. 79-94 (1998).
[8] D. Barbara, J. Couto, S. Jajodia, N. Wu, ADAM: A
Testbed for Exploring the Use of Data Mining in Intrusion
Detection, ACM SIGMOD, pp. 15-24 (2001).
[7] C. Y. Chung, M. Gertz, K. Levitt, DEMIDS: A Misuse
Detection System for Database Systems, IFIP TC-11 WG
11.5 Working Conference on Integrity and Internal Control
in Information System, pp. 159-178 (1999).
[8] V.C.S. Lee, J.A. Stankovic, S.H. Son, Intrusion
Detection in Real-time Database Systems Via Time
Signatures, Real Time Technology and Application
Symposium, pp. 124 (2000).
[9] Intrusion detection database system with dynamic
threshold value By Khomlal sinha and Tripti Sharma
[10] Database Intrusion Detection using Weighted
Sequence Mining Abhinav Srivastava1, Shamik Sural1 and
A.K. Majumdar2
[11] S.Y. Lee, W.L. Low, P.Y. Wong, Learning
Fingerprints for a Database Intrusion Detection System,
Proceedings of the European Symposium on Research in
Computer Security,
pp. 264-280 (2002).
78
INTERNATIONAL ASSOCIATION OF ENGINEERING & TECHNOLOGY FOR SKILL DEVELOPMENT
2nd INTERNATIONAL CONFERENCE ON CURRENT TRENDS IN ENGINEERING RESEARCH
ISBN : 378 - 26 - 138420 - 6
www.iaetsd.in