In the last decade, attacks to network are becoming more common and sophisticated .However,it is a difficult task to detect intrusion.The traditional technology such as firewall is not enough to solve all kind of attacks.For this reason,intrusion detection as a new technology is put forward.With more and more governments .business and finance having their own databases connected to the intemet,we much more attack break into these network databases.Then current security is focused on network database security. So we need to study intrusion detection technology on databases to intensify the security.At first this paper introduces the development process of intrusion detection system. Then we describe the function, model and taxonomy of intrusion detection systems, particularly discuss the model of intrusion detection system. And the framework and standardization of intrusion detection system are thoroughly discussed in this paper. The problems and future of intrusion detection system are put forward in this paper. The international standard of database security is also given here and then the security mechanism of SQL Server is detailedly discussed. The application of Misuse detection technology and anomaly detection technology in SQL Server are talked about thoroughly in this paper. We show more emphasis on the anomaly detection technology based on data mining. Finally, the constructing process of database intrusion detection is detailedly discussed here. By use of Aprior association rule algorithm, the user's historical data are mined. We alse give the test data in this paper.By comparing the similarties between the history profiles and present ones we can detect the anomaly in present profiles. Result of experiments shows the differences between them.
|