Universiti Teknologi Malaysia Institutional Repository

System architecture for SQL injection and insider misuse detection system for DBMS

Asmawi , Aziah and Mohamed Sidek , Zailani and Abd Razak, Shukor (2008) System architecture for SQL injection and insider misuse detection system for DBMS. In: Proceedings - International Symposium on Information Technology 2008, ITSim. Institute of Electrical and Electronics Engineers, New York, pp. 2765-2770. ISBN 978-142442328-6

Full text not available from this repository.

Official URL: http://dx.doi.org/10.1109/ITSIM.2008.4631942

Abstract

As organizations increase their adoption of database systems as one of their key data management technologies for the daily operations and decision makings, the security of data managed by these systems becomes crucial. Damage and misuse of data affect not only a single user or application, but may have effect the entire organization. The recent rapid proliferations of web-based applications with database at its backend have further increased the risk of database exposure to the outside world. There are many recent reports on intrusion from external hackers which compromised the database system. However, there are also insiders who abuse their privileges and access the database system for many intentions. For that reason, it is imperative for us to secure database system from both external and internal attacks. This paper describes on database security threats and the existing works that had been done to mitigate these problems. One of possible solutions is by using Intrusion Detection System (IDS). For that reason, this study proposed a novel SQL Injections and Insider Misuse Detection System (SIIMDS) to provide higher level of security for database system.

Item Type:Book Section
Additional Information:ISBN: 978-142442328-6; International Symposium on Information Technology 2008, ITSim; Kuala Lumpur; 26 August 2008 through 29 August 2008
Uncontrolled Keywords:computer crime, information technology, intrusion detection, management information systems, personal computing, security of data, security systems, signal detection
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:Computer Science and Information System (Formerly known)
ID Code:12773
Deposited By: Liza Porijo
Deposited On:28 Jun 2011 09:10
Last Modified:28 Jun 2011 09:10

Repository Staff Only: item control page