Database Intrusion Detection Systems (DIDs): Insider Threat Detection via Behavioural-based Anomaly Detection Systems -- A Brief Survey of Concepts and Approaches
Muhammad Imran Khan, Simon N. Foley, Barry O'Sullivan

TL;DR
This paper surveys behavioral-based database intrusion detection systems focusing on detecting insider threats, highlighting concepts and approaches to identify malicious insider activities in database management systems.
Contribution
It provides a comprehensive overview of existing concepts and approaches for insider threat detection using behavioral anomaly detection in databases.
Findings
Behavioral-based systems effectively detect insider threats.
Various approaches exist for anomaly detection in DBMS.
Survey highlights key concepts and methodologies.
Abstract
One of the data security and privacy concerns is that of insider threats, where legitimate users of the system abuse the access privileges they hold. The insider threat to data security means that an insider steals or leaks sensitive personal information. Database intrusion detection systems, specifically behavioural-based database intrusion detection systems, have been shown to be effective in detecting insider attacks. This paper presents background concepts on database intrusion detection systems in the context of detecting insider threats and examines existing approaches in the literature on detecting malicious accesses by an insider to Database Management Systems (DBMS).
Taxonomy
Topics: Network Security and Intrusion Detection · Advanced Malware Detection Techniques · Spam and Phishing Detection
