Database anomaly detection model based on mining object-condition association rules
A database anomaly detection model based on mining object-condition association rules(OCAR) was proposed.Through analyzing and formalizing the only maximum conditional expression of SQL statements with WHERE clause, the object-condition association rule sets(OCARS) are mined, which represent normal...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Editorial Department of Journal on Communications
2009-01-01
|
| Series: | Tongxin xuebao |
| Subjects: | |
| Online Access: | http://www.joconline.com.cn/zh/article/74651225/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | A database anomaly detection model based on mining object-condition association rules(OCAR) was proposed.Through analyzing and formalizing the only maximum conditional expression of SQL statements with WHERE clause, the object-condition association rule sets(OCARS) are mined, which represent normal user patterns.And the OCARS are used in anomaly detection.Additionally, OCARS mining algorithm and anomaly detection algorithm were given, and they could be easily used in anomaly transaction detection mechanism.In the end, the experiments about detecting SQL injection were given, and the performance and application were also analyzed. |
|---|---|
| ISSN: | 1000-436X |