Date of Award
8-2016
Degree Type
Thesis
Degree Name
Master of Science (MS)
Department
Interdisciplinary Studies
First Advisor
Elisa Bertino
Second Advisor
Victor Raskin
Committee Chair
Elisa Bertino
Committee Co-Chair
Victor Raskin
Committee Member 1
Baijian Yang
Abstract
The objective of the research presented in this thesis is to evaluate the importance of query selectivity for monitoring DBMS activity and detect insider threat. We propose query selectivity as an additional component to an existing anomaly detection system (ADS). We first look at the advantages of working with this particular ADS. This is followed by a discussion about some existing limitations in the anomaly detection system (ADS) and how it affects its overall performance. We look at what query selectivity is and how it can help improve upon the existing limitations of the ADS. The system is then implemented using Java on top of the existing query parser used by the AD mechanism which in itself is written in Java. Towards the end, we look at how our version of the anomaly detection mechanism using query selectivity fares against a Relational database management system (RDBMS) query optimizer. With high accuracy results that closely match the results produced by the underlying query optimizer, we provide some proof of concept (PoC) for adding query selectivity to the existing AD mechanism. We conclude that a tool to analyze SQL and evaluate query selectivity is required to make the anomaly detection mechanism more maintainable and self-sustained.
Recommended Citation
Hegde, Prajwal B., "Monitoring DBMS activity to detect insider threat using query selectivity" (2016). Open Access Theses. 952.
https://docs.lib.purdue.edu/open_access_theses/952