| A new concept of database anomaly-Cumulated Anomaly has been proposed in this thesis, which had not been focused on and researched. Based on fuzzy sets theory and Dubiety-Determining Model (DDM), the active approach of Cumulated Anomaly recognition in databases was presented.Concepts in the context of Cumulated Anomaly were defined formally and the way of quantitatively measuring the dubiety degree of database transactions was studied. A k -mode cluster algorithm based on Multi-Sets Dissimilarity and Multi-Conditions Dissimilarity was developed to help deriving users' profiles. In the algorithm, multi-conditions dissimilarity was based on matching of condition expressions or Logic Tree. Logic Tree was defined to help calculating the distance of two logic expressions on semantic level. Afterwards, DDM was presented in detail, including its two sub-models, Cumulant Sub-Model and Dubiety Degree Sub-Model. After introducing the training strategy of DDM, the measure of determining dubiety degrees of database transactions by two items of Audit Records and Matching Rules was described. The prototype of the software system architecture to support DDM was designed and implemented. Three experiments were performed on it for testing DDM. The first experiment showed the general results of DDM with a set of randomly generated audit records, while the second one simulated a practical case. DDM monitored dubiety degrees for each database transactions and detected expected Cumulated Anomaly in the two experiments. The effect on database performance by DDM was tested in the last experiment. Experimental results showed that DDM was feasible and effective. Finally, the model of distributed DDM was studied.In summary, the concept of Cumulated Anomaly in databases has been proposed, which was described and defined formally. A general approach of Cumulated Anomaly recognition in databases was designed based on DDM. The approach was feasible and effective. It also could be applied on distributed databases.
|
PDF Full Text Request