A Cloud and In-Memory Based Two-Tier Architecture of a Database Protection System from Insider Attacks

Cited by: 0
Authors
Moon, Cheolmin Sky [1]
Chung, Sam [1,2]
Endicott-Popovsky, Barbara [2]
Affiliations
[1] Univ Washington, Inst Technol, Comp Sci & Syst, Tacoma, WA USA
[2] Univ Washington, Ctr Informat Assurance & Cybersecur, Seattle, WA 98195 USA
Keywords
Insider attacks; Database audit logs; File system audit logs; Monitoring; Cloud computing; In-memory database;
DOI
10.1007/978-3-319-05149-9_17
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
In response to emerging insider attacks targeting databases, we propose an architecture for a database protection system against insider attacks. The existing pattern-matching approach to detecting insider attacks cannot provide a perfect solution because of its false positive and true negative ratios. Accordingly, we still need human reasoning for the final decision on whether or not the insider is malicious, based on analysis of the logged history of transactions performed by the insider. To construct a system with this in mind, the system needs to satisfy the following requirements: (1) effective monitoring and analysis of a large amount of log data, (2) scalability as the amount of log data increases or decreases, and (3) prompt analysis even when the amount of log data is large. We propose a two-tier, distributed, cloud, and in-memory computing based architecture. The proposed architecture brings several benefits, such as managing a large amount of log data, distributing analysis workload over multiple nodes, being scalable on big log data, and supporting real-time analysis of big log data.
Pages: 260 - 271
Number of pages: 12