Information technologies for database protection against cyber attacks in military information systems
DOI:
https://doi.org/10.20535/2411-1031.2022.10.2.270412
Keywords:
database, cyber defense, cyber threats, cyber-attack, intrusion detection system, fuzzy set theory
Abstract
Since the beginning of the Russian Federation's large-scale invasion of Ukraine, the number of cyberattacks on state authorities, critical infrastructure facilities, and units whose activities involve processing critically important information, including the information systems (IS) of the Armed Forces of Ukraine, has increased significantly. Modern information systems for military purposes (ISMP) are an integral part of any system for managing the defense and security forces of the state and play an important role in the management of troops on the battlefield. The database (DB) is an integral part of any ISMP, and its cyber protection is one of the most important factors in ensuring the integrity, confidentiality and availability of data. The article presents an analysis of the current state of cyber protection of databases in ISMP. A comparative analysis of existing cyber threats and of the types of cyber-attacks on the resources of database management systems (DBMS) is given. Database security levels are defined, and database security threats are classified according to them. Existing methods and modern software solutions for protecting databases (DBMS) against various types of cyberattacks are considered, and their advantages and disadvantages are described. A promising direction is proposed for improving existing cyberattack detection systems so that database protection is implemented at all levels of the DBMS ecosystem and across all components of the ISMP cyber protection architecture; its essence is the intelligent processing of the consolidated data received. Consolidating the database data subject to analysis (processing information about events and cyber incidents directly related to the database) provides a basis for developing new approaches to the detection of cyber-attacks, based on monitoring non-typical scenarios (exploits) of their implementation.
This approach makes it possible to resolve the contradiction identified in the field of database cyber protection: the mismatch between the requirements placed on methods of cyber protection of the ISMP database and the possibilities for implementing them. In addition, implementing the proposed approach in combination with the theory of fuzzy sets will allow effective cyber protection of databases under conditions of incomplete and inaccurate information.
License
Copyright (c) 2022 Collection "Information Technology and Security"
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors published in this collection agree to the following terms:
- The authors retain authorship of their work and grant the collection the right of first publication of the work, which is licensed under the Creative Commons Attribution License. This license allows others to freely distribute the published work with obligatory reference to the authors of the original work and to the first publication of the work in this collection.
- The authors have the right to conclude an agreement on exclusive distribution of the work in the form in which it was published in this collection (for example, to place the work in an institution's digital repository or to publish it as part of a monograph), provided that reference is made to the first publication of the work in this collection.
- The policy of the journal allows and encourages authors to place the manuscript of the work on the Internet (for example, in repositories or on personal web sites) prior to submitting the manuscript to the editor and during its editorial processing, as this contributes to productive scientific discussion and has a positive effect on the efficiency and dynamics of citations of the published work (see The Effect of Open Access).