Supercharge Your Innovation With Domain-Expert AI Agents!

Database abnormal behavior detection method and device

A detection method and database technology, applied in the field of network security, can solve problems such as detection defects of a single SQL statement

Pending Publication Date: 2022-01-14
BEIJING KEDONG ELECTRIC POWER CONTROL SYST +2
View PDF0 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] The purpose of the present invention is to overcome the deficiencies of the prior art and provide a DAGMM-based abnormal behavior detection model for databases to solve the single SQL statement detection defect and the need for manual data processing in the current application of machine learning algorithms for abnormal database behavior detection. The problem of labeling for model training

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Database abnormal behavior detection method and device
  • Database abnormal behavior detection method and device
  • Database abnormal behavior detection method and device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0049] The present invention will be further described below in conjunction with specific embodiments. The following examples are only used to illustrate the technical solution of the present invention more clearly, but not to limit the protection scope of the present invention.

[0050] As mentioned above, in the current application of machine learning algorithms for database abnormal behavior detection, there is a problem that the single SQL statement detection defect amount needs to manually mark the data before model training can be performed.

[0051] Therefore, an embodiment of the present invention provides a method for detecting abnormal behavior of a database. Such as figure 2 As shown, the method includes the following steps:

[0052] Step 1, obtain the database log data set;

[0053] Use the log collection tool Agent to collect the database log logs. Each record of the collected logs includes the user name (USER_NAME), host IP information (HOST_IP), SQL statemen...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a database abnormal behavior detection method and device. The method comprises the steps of obtaining a database log data set; performing sliding processing on each log by utilizing a fixed window, and extracting contents of three fields of SQL (Structured Query Language) statement, running time and operation time in each window as a sliding window database behavior sample, so as to obtain a sliding window database behavior data set; encoding SQL statements and operation time of each sliding window database behavior sample in the sliding window database behavior data set to form a sliding window database behavior sample matrix, and summing the matrix according to columns to obtain a sliding window database behavior vector data set; and normalizing the sliding window database behavior vector data set, and inputting the normalized sliding window database behavior vector data set into a pre-trained DAGMM database abnormal behavior detection model to obtain a detection result. According to the method, the problems of single SQL statement detection vulnerabilities and manual data annotation in the previous database abnormal behavior detection research are well solved.

Description

technical field [0001] The invention relates to a database abnormal behavior detection method based on DAGMM (Deep AutoEncoder Gaussion Mixture Model, DAGMM), which belongs to the technical field of network security. Background technique [0002] Data is the core asset in the operation of an enterprise, and a lot of valuable information is contained in the data. At present, most enterprises store their daily operation data in the database, so the database has become one of the important attack targets of malicious personnel. According to the Data Breach Investigations Report, most data breaches are caused by insiders. Internal personnel are familiar with the security detection system in the enterprise and can effectively evade the detection mechanism; some internal personnel's misuse will also affect the detection work, which brings great difficulties and challenges to the detection of abnormal database behaviors. [0003] Experts have conducted a lot of research on abnorm...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/55
CPCG06F21/554
Inventor 赵航寿增汪明高明慧卢楷马力张志军董昱许洪强周劼英詹雄张晓李新鹏徐凤振崔旭东何纪成王洋郭乃豪王浩赵宇宁志言高英健冯思博佟志鑫付广宇
Owner BEIJING KEDONG ELECTRIC POWER CONTROL SYST
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com