Date of Award

8-2016

Degree Type

Thesis

Degree Name

Master of Science (MS)

Department

Interdisciplinary Studies

First Advisor

Elisa Bertino

Second Advisor

Victor Raskin

Committee Chair

Elisa Bertino

Committee Co-Chair

Victor Raskin

Committee Member 1

Baijian Yang

Abstract

The objective of the research presented in this thesis is to evaluate the importance of query selectivity for monitoring DBMS activity and detect insider threat. We propose query selectivity as an additional component to an existing anomaly detection system (ADS). We first look at the advantages of working with this particular ADS. This is followed by a discussion about some existing limitations in the anomaly detection system (ADS) and how it affects its overall performance. We look at what query selectivity is and how it can help improve upon the existing limitations of the ADS. The system is then implemented using Java on top of the existing query parser used by the AD mechanism which in itself is written in Java. Towards the end, we look at how our version of the anomaly detection mechanism using query selectivity fares against a Relational database management system (RDBMS) query optimizer. With high accuracy results that closely match the results produced by the underlying query optimizer, we provide some proof of concept (PoC) for adding query selectivity to the existing AD mechanism. We conclude that a tool to analyze SQL and evaluate query selectivity is required to make the anomaly detection mechanism more maintainable and self-sustained.

Share

COinS