Intelligent Multi-Agent Based Multivariate Statistical Framework for Database Intrusion Prevention

Intelligent Multi-Agent Based Multivariate Statistical Framework for Database Intrusion Prevention System

P. Ramasubramanian and A. Kannan

School of Computer Science and Engineering, Anna University, India

 

Abstract: This paper describes a framework for highly distributed real-time monitoring approach to database security using intelligent multi-agents. The intrusion prevention system described in this paper uses a combination of both statistical anomaly prevention and rule based misuse prevention in order to detect a misuser. This paper describes a framework for a statistical anomaly prediction system using a multivariate statistical forecasting model, which predicts unauthorized invasions of user based on previous observations and takes further action before intrusion occurs. This paper focuses on detecting significant changes of transaction intensity for intrusion prevention. The experimental study is performed using real data provided by a major Corporate Bank. Furthermore, a comparative evaluation of the proposed model over the traditional statistical forecasting models was carried out using mean absolute percentage error on a prediction data set and a better prediction accuracy has been observed. The misuse prevention system uses a set of rules that define typical illegal user behavior. A separate rule subsystem is designed for this misuse detection system and it is known as Temporal Authorization Rule Markup Language (TARML). In order to reduce single point of failures in centralized security system, a dynamic distributed system has been designed in which the security management task is distributed across the network using intelligent multi-agents.

Keywords: Multi-agents, database security, statistical database anomaly prediction, database misuse detection.

Received April 15, 2004; accepted August 16, 2004

Read 7373 times Last modified on Wednesday, 20 January 2010 03:15
Share
Top
We use cookies to improve our website. By continuing to use this website, you are giving consent to cookies being used. More details…