Detecting intrusion via insider attack in database transactions by learning disentangled representation with deep metric neural network

Gwang Myong Go, Seok Jun Bu, Sung Bae Cho

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Database management systems based on role-based access control are widely used for information storage and analysis, but they are reportedly vulnerable to insider attacks. From the point of adaptive system, it is possible to perform classification on user queries accessing the database to determine insider attacks when they differ from the predicted values. In order to cope with high similarity of user queries, this paper proposes a deep metric neural network with hierarchical structure that extracts the salient features appropriately and learns the quantitative scale of similarity directly. The proposed model trained with 11,000 queries for 11 roles from the benchmark dataset of TPC-E produces the classification accuracy of 94.17%, which is the highest compared to the previous studies. The quantitative performance is evaluated by 10-fold cross-validation, the feature space embedded in the neural network is visualized by t-SNE, and the qualitative analysis is conducted by clustering the compression vectors among classes.

Original languageEnglish
Title of host publication13th International Conference on Computational Intelligence in Security for Information Systems, CISIS 2020
EditorsÁlvaro Herrero, Carlos Cambra, Daniel Urda, Javier Sedano, Héctor Quintián, Emilio Corchado
PublisherSpringer Science and Business Media Deutschland GmbH
Pages460-469
Number of pages10
ISBN (Print)9783030578046
DOIs
Publication statusPublished - 2021
Event13th International Conference on Computational Intelligence in Security for Information Systems, CISIS 2020 - Burgos, Spain
Duration: 2020 Sep 162020 Sep 18

Publication series

NameAdvances in Intelligent Systems and Computing
Volume1267 AISC
ISSN (Print)2194-5357
ISSN (Electronic)2194-5365

Conference

Conference13th International Conference on Computational Intelligence in Security for Information Systems, CISIS 2020
CountrySpain
CityBurgos
Period20/9/1620/9/18

All Science Journal Classification (ASJC) codes

  • Control and Systems Engineering
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Detecting intrusion via insider attack in database transactions by learning disentangled representation with deep metric neural network'. Together they form a unique fingerprint.

  • Cite this

    Go, G. M., Bu, S. J., & Cho, S. B. (2021). Detecting intrusion via insider attack in database transactions by learning disentangled representation with deep metric neural network. In Á. Herrero, C. Cambra, D. Urda, J. Sedano, H. Quintián, & E. Corchado (Eds.), 13th International Conference on Computational Intelligence in Security for Information Systems, CISIS 2020 (pp. 460-469). (Advances in Intelligent Systems and Computing; Vol. 1267 AISC). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-57805-3_43