System architecture for SQL injection and insider misuse detection system for DBMS

Abstract

As organizations increase their adoption of database systems as one of their key data management technologies for the daily operations and decision makings, the security of data managed by these systems becomes crucial. Damage and misuse of data affect not only a single user or application, but may have effect the entire organization. The recent rapid proliferations of web-based applications with database at its backend have further increased the risk of database exposure to the outside world. There are many recent reports on intrusion from external hackers which compromised the database system. However, there are also insiders who abuse their privileges and access the database system for many intentions. For that reason, it is imperative for us to secure database system from both external and internal attacks. This paper describes on database security threats and the existing works that had been done to mitigate these problems. One of possible solutions is by using Intrusion Detection System (IDS). For that reason, this study proposed a novel SQL Injections and Insider Misuse Detection System (SIIMDS) to provide higher level of security for database system.