Information technologies for database protection against cyber attacks in military information systems

Authors

  • Ihor Subach Institute of special communication and information protection of National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv, Ukraine https://orcid.org/0000-0002-9344-713X
  • Oleksandr Vlasenko Military institute of telecommunications and information technologies named after the Heroes of Kruty, Kyiv, Ukraine https://orcid.org/0000-0001-6671-870X

DOI:

https://doi.org/10.20535/2411-1031.2022.10.2.270412

Keywords:

database, cyber defense, cyber threats, cyber-attack, intrusion detection system, fuzzy set theory

Abstract

With the beginning of the Russian Federation’s large-scale invasion of Ukraine, the number of cyberattacks on state authorities, critical infrastructure facilities, and units whose activities involve the processing of critically important information, including the information systems (IS) of the Armed Forces of Ukraine, has significantly increased. Modern information systems for military purposes (ISMP) are an integral part of any system of management of defense and security forces of the state and play an important role in the management of troops on the battlefield. The database (DB) is an integral part of any ISMP, and its cyber protection is one of the most important factors in ensuring the integrity, confidentiality and availability of data. The article presents an analysis of the current state of cyber protection of databases in ISMP. A comparative analysis of existing cyber threats and types of cyber-attacks on the resources of database management systems (DBMS) is given. Database security levels are defined, and database security threats are classified according to them. The existing methods and modern software solutions for database protection (DBMS) against various types of cyberattacks are considered, and their advantages and disadvantages are described. A promising direction for improving existing systems for detecting cyberattacks in the aspect of implementing database protection at all levels of the DBMS ecosystem, as well as all components of the ISMP cyber protection architecture, is proposed, the essence of which is the intelligent processing of the received consolidated data. Consolidation of database data (processing of information about events and cyber incidents directly related to the database) subject to analysis provides a basis for the development of new approaches to the detection of cyber-attacks, which are based on monitoring non-typical scenarios (exploits) of their implementation.
This approach provides an opportunity to resolve the identified contradiction in the field of database cyber protection in the context of the inconsistency of the requirements that are put forward for the methods of cyber protection of the ISMP database and the possibilities for their implementation. In addition, the implementation of the proposed approach in combination with the theory of fuzzy sets will allow effective cyber protection of databases in conditions of incompleteness and inaccuracy of information.

Author Biographies

Ihor Subach, Institute of special communication and information protection of National technical university of Ukraine “Igor Sikorsky Kyiv Polytechnic Institute”, Kyiv

doctor of technical science, associate professor, head of the cybersecurity and application of information systems and technologies academic department

Oleksandr Vlasenko, Military institute of telecommunications and information technologies named after the Heroes of Kruty, Kyiv

postgraduate student

Published

2022-12-29

How to Cite

Subach, I., & Vlasenko, O. (2022). Information technologies for database protection against cyber attacks in military information systems. Collection "Information Technology and Security", 10(2), 177–193. https://doi.org/10.20535/2411-1031.2022.10.2.270412

Section

NETWORK AND APPLICATION SECURITY