An event based framework for facilitating database activity tracking (CROSBI ID 644497)
Prilog sa skupa u zborniku | izvorni znanstveni rad | međunarodna recenzija
Podaci o odgovornosti
Šaban, Josip ; Gržinić, Toni ; Mršić, Leo
engleski
An event based framework for facilitating database activity tracking
During a database analytic investigation investigator tracks intruder’s actions on the system until incident occurs - the investigator identifies that the intruder has, indeed, accessed the database in an unauthorized way. Combined with the data about the actions following the incident, it is also crucial to collect data about user activity on the server before the incident so that a log of actions can be created. The goal of this paper is to propose which data should be collected before the security incident occurs, focusing on two parts: Users on the level of the operating system which have access to either the shared file system or the direct access to the operating system by using remote connection SQL database users (either native or domain users), key tables with sensitive data and the activity of users in relation to those table
database system ; misuse detection ; fraud transactions
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
Podaci o prilogu
26-31.
2014.
objavljeno
Podaci o matičnoj publikaciji
25th Central European Conference on Information and Intelligent Systems
Varaždin: Fakultet organizacije i informatike Sveučilišta u Zagrebu
Podaci o skupu
Proceedings of 25th Central European Conference on Information and Intelligent Systems
predavanje
17.09.2014-19.09.2014
Varaždin, Hrvatska