Please use this identifier to cite or link to this item:
http://dspace.dtu.ac.in:8080/jspui/handle/repository/19753
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | YADAV, REETU | - |
dc.date.accessioned | 2023-05-25T06:29:54Z | - |
dc.date.available | 2023-05-25T06:29:54Z | - |
dc.date.issued | 2022-06 | - |
dc.identifier.uri | http://dspace.dtu.ac.in:8080/jspui/handle/repository/19753 | - |
dc.description.abstract | Organisations are increasingly employing databases on a large scale to store critical data that is essential for their functioning. Malicious access and modifications of the databases may lead to adverse financial and legal implications. In recent years, security researchers have focused on detecting abuse of access privileges by the employees of an organisation. Identifying threats from insiders is hard because they are aware of the organisation of the database in addition to having authorised access privileges. Therefore, an intrusion detection system (IDS) collects data from a computer system, analyses it for security faults, and reports the results to the administrator. Most of the current systems are not sufficient in properly classifying the users based on their access privileges and often end up flagging the legitimate users as intruders. These systems based on dependency mining rely on hard-coded values of sensitivity parameters, which makes the system prone to a decrease in accuracy over time due to changes in user behaviour. On the other hand, the techniques that rely purely on unsupervised learning methods and data mining generally suffer from a higher false positive rate, and supervised learning methods have proven to be ineffective against novel attacks. The majority of the techniques suffer from low recall because of their sensitivity towards changing user access patterns. Thus, there exists a need for a hybrid approach that caters to the pitfalls of both the topologies while retaining their benefits. To overcome the above problems, we propose novel approaches to integrate the benefits of various mining and metaheuristic techniques for reducing the high false positive rate. The thesis first addresses a new data mining-based approach, namely the Fuzzy Association Data Dependency Rule Miner (FADDRM), for identifying malicious transactions in databases by mining data dependencies between data items. Our method focuses on extracting association rules using fuzzy association rule mining in combination with Fuzzy Connected Clustering (FCC), and the rules are used to classify the transactions as malicious or non-malicious. In the second part, we discuss a novel database intrusion detection system (DIDS) based on Expectation Maximisation Clustering and Sequential Pattern Mining (EMSPM). This method relies on the database's pre-existing logs and the data dependency rules that are obtained by mining user information access patterns using a modified PrefixSpan algorithm. The Expectation Maximisation clustering algorithm assigns role profiles based on the database users' behaviours. These clusters and patterns are then processed into an algorithm that prevents generation of unwanted rules as well as malicious transactions. In the third part, we present a BIDE and modified Particle Swarm Optimization clustering based malicious query detection (BPSOMQD) approach. This method incorporates frequent closed sequential pattern mining, which forms the basis for generation of data dependency rules. Further, to recognise anomalous user activity, a modified Particle Swarm Optimization algorithm is proposed, which is used to generate role profiles associated with the transaction. To classify a transaction as malicious or non-malicious, a combination of Multilevel Rule Similarity Score (MRSS) between data dependency rules, incoming transactions and Cluster Similarity Index (CSI) with created role profiles is used. In the fourth part, we propose a Frequent Sequential Pattern mining and a modified metaheuristic hybrid clustering of Grey Wolf and Whale optimization algorithm (FPGWWO) to identify malicious transactions in RBAC and non-RBAC supervised databases. We use the CM-SPADE mining algorithm to extract database dependency rules that are used to detect outsider threats. Insider threats are detected by comparing user activities to previously determined role profiles that are assigned using the modified metaheuristic clustering from the past user behaviour. During the learning phase, transactions are labelled malicious on the basis of a novel similarity threshold, i.e., the "congruity index". If the transaction is found to be malicious, an alarm is triggered and the database executes a rollback. During the detection phase, a role matcher authenticates role clusters for the incoming transaction. If the role profile is not matched, the transaction is labelled as malicious and aborted. In the fifth part, we propose Trust factor based analysis of user behaviour using sequential pattern mining for detecting intrusive transactions in databases (TFUBID) to prevent misuse of access privileges by insiders of an organisation. Since groups of users access the organisational database for similar purposes, we cluster user behaviour vectors using fuzzy clustering and define a class of Integral Data Attributes using sequential pattern mining to model trust factor based behavioural patterns of employees accessing the database, assigning higher weight to critical elements and Directly Correlated Attributes. Modified Jensen-Shannon distance is used to give weights to data attributes and avoid the curse of dimensionality in dissimilarity calculation. The idea of an "incredulity score" is introduced, which quantifies the degree of anomalous behaviour exhibited by each user based on his previous transactions. Finally, we propose Outlier based Intrusion Detection in Databases for User Behaviour Analysis using Weighted Sequential Pattern Mining (OIUWSPM), a novel method for detecting malicious transactions that follows a sequential flow that begins with outlier detection and continues with various behavioural checks at the role induced rule mining component and user level feature extraction. The idea of Dynamic Sensitivity is used distinctively at role level, which complements the access counts of each attribute. We introduce the notion of Coherence Count computed by the application of Longest Common Subsequence (LCS) and the utilisation of Levenshtein distance for calculating Divergence between the user level Relation access paths. We analyse user behaviour by registering user level Relation access path reinforced on user transactions. Comprehensive implementation of the above models reveals that their performance is better and more efficient than other models. | en_US |
dc.language.iso | en | en_US |
dc.relation.ispartofseries | TD-6312; | - |
dc.subject | BIONANOCOMPOSITE | en_US |
dc.subject | OPTOELECTRONICS APPLICATIONS | en_US |
dc.subject | SILK FIBROIN | en_US |
dc.subject | NANOPARTICULATE FILLER | en_US |
dc.subject | IDS | en_US |
dc.title | STUDIES ON SILK FIBROIN/NANOPARTICULATE FILLER BASED BIONANOCOMPOSITE FOR OPTOELECTRONICS APPLICATIONS | en_US |
dc.type | Thesis | en_US |
Appears in Collections: | Ph.D. Applied Chemistry |
Files in This Item:
File | Description | Size | Format |
---|---|---|---|
Indu Singh Ph.D..pdf | | 7.66 MB | Adobe PDF |