Framework for detecting outlier and database intrusions

Date

2024

Supervisor

Journal title

ISSN

Volume title

Publisher

Igor Sikorsky Kyiv Polytechnic Institute

Abstract

This paper presents a methodology and framework for detecting anomalies in the actions of relational database users, with a focus on insider threats. The architecture of the framework is described, including the choice of parameters for logging user behavior and the justification of the anomaly detection algorithm. An overview of the existing anomaly-detection solutions is provided. The proposed methodology for the functioning of the framework is outlined with recommendations on the choice of algorithm parameters. The analysis of insider actions in databases provides an original approach to anomaly detection and contributes to the field of information security.

Description

Keywords

Anomaly detection, insiders, machine learning algorithm

Bibliographic description

Kolomytsev, M. V. Framework for detecting outlier and database intrusions / Mykhailo V. Kolomytsev, Svitlana O. Nosok // Theoretical and Applied Cybersecurity: scientific journal. – 2024. – Vol. 6, No. 2. – P. 43-51. – Bibliogr.: 20 ref.

ORCID