Research On Database Intrusion Detection Based On Closed Sequential Patterns Mining

The security of database system has a crucial impact on the information security. The current database security mainly rely on their own security mechanisms, such as authentication, encryption and so on. The research on database intrusion detection is still in infancy. This paper puts emphases on the improvement of the BIDE algorithm, the algorithm design of closed multidimensional sequential pattern mining, and then applies them to the database intrusion detection system.Firstiy, this paper introduces the topic of the research background and status of foreign and home researchers, etc. Aiming at avoiding a number of scanning pseudo-projection database in BIDE algorithm, we propose the PBIDE algorithm, which is the BIDE algorithm based on position expansion. By using the position information of each event, frequent 1-sequence can be obtained. The expansion of position is directly verified for every frequent 1-sequence, and the number of scanning pseudo-projection database can be reduced, so as to save much time costs. And optimization strategy is proposed to speed up the mining and also assure the correctness of the algorithm.Secondly, multidimensional concept lattice is introduced to store the multidimensional information of every sequence. By equivalent transformation, multi-dimensional background information will be combined. Then, the multidimensional concept lattice is converted into 2-dimension, including a sequence and a background dimension. Based on this data structure, a new algorithm is designed to mine the closed multidimensional sequential pattern, called CMDSCL, in which association patterns and sequential patterns are mined directly and simultaneously. In the process of patterns mining, the new multidimensional sequence is always inserted into the concept lattices tree at the next level of root, and it may have four possible ways of inserting. Alongside the new concept lattice being inserted, concept lattice tree is updated at the same time.Lastly, with the two improved algorithms, a self-adaptive model of database intrusion detection system based on closed multidimensional sequential pattern mining is designed. Owing to the detection method based on anomaly being the high rate of false detection, we introduce the associated alarm technology into the model and take advantage of clustering technology, effectively resolve the problem of judging 'sharp boundary' in current database intrusion detection system when the rule is matched, and to reduce the amount of computation when the rule is generated.Experimental results show that the algorithms proposed in this paper are more efficient than the current ones, and the anticipated results are realized.