Home // ICDS 2015, The Ninth International Conference on Digital Society // View article

A Comparison of Data Mining Techniques for Anomaly Detection in Relational Databases

Authors:
Charissa Ann V. Ronao
Sung-Bae Cho

Keywords: intrusion detection; anomaly detection; database security; data mining; analysis

Abstract:
Data mining has gained a lot of attention in recent years especially with the advent of big data. In line with this, relational database management systems (RDBMS) have also become the ultimate layer in preventing malicious data access. However, despite the presence of traditional database security mechanisms, it is apparent that database intrusions still occur. Thus, there is an imminent need in developing a robust and efficient intrusion detection system (IDS) especially tailored for databases. Among the few studies that have been published with regards to the problem at hand, most researchers have proposed the use of data mining techniques to detect database anomalous behavior. However, up to this date, there has been no work aimed to objectively compare these various data mining techniques as applied to the field of database IDS. In this paper, we evaluate the state-of-the-art feature selection and data mining algorithms in the context of database IDS and provide a clear performance comparison of these techniques under common grounds. Experiments show that principal components analysis produces a reasonably compact and meaningful subset of features while graphical models like decision trees, random forest, and Bayesian networks yield a consistently high performance in detecting anomalies in databases.

Pages: 11 to 16

Copyright: Copyright (c) IARIA, 2015

Publication date: February 22, 2015

Published in: conference

ISSN: 2308-3956

ISBN: 978-1-61208-381-0

Location: Lisbon, Portugal

Dates: from February 22, 2015 to February 27, 2015