{"id":"https://openalex.org/W2495778067","doi":"https://doi.org/10.1109/tse.2016.2598336","title":"A System for Profiling and Monitoring Database Access Patterns by Application Programs for Anomaly Detection","display_name":"A System for Profiling and Monitoring Database Access Patterns by Application Programs for Anomaly Detection","publication_year":2016,"publication_date":"2016-08-05","ids":{"openalex":"https://openalex.org/W2495778067","doi":"https://doi.org/10.1109/tse.2016.2598336","mag":"2495778067"},"language":"en","primary_location":{"id":"doi:10.1109/tse.2016.2598336","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tse.2016.2598336","pdf_url":null,"source":{"id":"https://openalex.org/S8351582","display_name":"IEEE Transactions on Software Engineering","issn_l":"0098-5589","issn":["0098-5589","1939-3520","2326-3881"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Software Engineering","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5007218348","display_name":"Lorenzo Bossi","orcid":null},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Lorenzo Bossi","raw_affiliation_strings":["Department of Computer Science, Purdue University, West Lafayette, IN"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Purdue University, West Lafayette, IN","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5061694501","display_name":"Elisa Bertino","orcid":"https://orcid.org/0000-0002-4029-7051"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elisa Bertino","raw_affiliation_strings":["Department of Computer Science, Purdue University, West Lafayette, IN"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Purdue University, West Lafayette, IN","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5053169357","display_name":"Syed Rafiul Hussain","orcid":"https://orcid.org/0000-0001-9222-8544"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Syed Rafiul Hussain","raw_affiliation_strings":["Department of Computer Science, Purdue University, West Lafayette, IN"],"affiliations":[{"raw_affiliation_string":"Department of Computer Science, Purdue University, West Lafayette, IN","institution_ids":["https://openalex.org/I219193219"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5007218348"],"corresponding_institution_ids":["https://openalex.org/I219193219"],"apc_list":null,"apc_paid":null,"fwci":9.2887,"has_fulltext":false,"cited_by_count":32,"citation_normalized_percentile":{"value":0.97762486,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":90,"max":99},"biblio":{"volume":"43","issue":"5","first_page":"415","last_page":"431"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.899914026260376},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.6360921859741211},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.6284663677215576},{"id":"https://openalex.org/keywords/profiling","display_name":"Profiling (computer programming)","score":0.6076288223266602},{"id":"https://openalex.org/keywords/database-administrator","display_name":"Database administrator","score":0.5780050754547119},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.5059913992881775},{"id":"https://openalex.org/keywords/data-access","display_name":"Data access","score":0.5034751296043396},{"id":"https://openalex.org/keywords/view","display_name":"View","score":0.44699278473854065},{"id":"https://openalex.org/keywords/database-server","display_name":"Database server","score":0.42895814776420593},{"id":"https://openalex.org/keywords/data-integrity","display_name":"Data integrity","score":0.41064825654029846},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2865990102291107},{"id":"https://openalex.org/keywords/database-design","display_name":"Database design","score":0.26362085342407227},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.21633151173591614},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.12644261121749878}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.899914026260376},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.6360921859741211},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.6284663677215576},{"id":"https://openalex.org/C187191949","wikidata":"https://www.wikidata.org/wiki/Q1138496","display_name":"Profiling (computer programming)","level":2,"score":0.6076288223266602},{"id":"https://openalex.org/C70236469","wikidata":"https://www.wikidata.org/wiki/Q1078262","display_name":"Database administrator","level":2,"score":0.5780050754547119},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.5059913992881775},{"id":"https://openalex.org/C47487241","wikidata":"https://www.wikidata.org/wiki/Q5227230","display_name":"Data access","level":2,"score":0.5034751296043396},{"id":"https://openalex.org/C54239708","wikidata":"https://www.wikidata.org/wiki/Q1329910","display_name":"View","level":3,"score":0.44699278473854065},{"id":"https://openalex.org/C205295232","wikidata":"https://www.wikidata.org/wiki/Q76320","display_name":"Database server","level":2,"score":0.42895814776420593},{"id":"https://openalex.org/C33762810","wikidata":"https://www.wikidata.org/wiki/Q461671","display_name":"Data integrity","level":2,"score":0.41064825654029846},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2865990102291107},{"id":"https://openalex.org/C148840519","wikidata":"https://www.wikidata.org/wiki/Q1049878","display_name":"Database design","level":2,"score":0.26362085342407227},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.21633151173591614},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.12644261121749878}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tse.2016.2598336","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tse.2016.2598336","pdf_url":null,"source":{"id":"https://openalex.org/S8351582","display_name":"IEEE Transactions on Software Engineering","issn_l":"0098-5589","issn":["0098-5589","1939-3520","2326-3881"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320439","host_organization_name":"IEEE Computer Society","host_organization_lineage":["https://openalex.org/P4310320439","https://openalex.org/P4310319808"],"host_organization_lineage_names":["IEEE Computer Society","Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Software Engineering","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7599999904632568}],"awards":[],"funders":[{"id":"https://openalex.org/F4320306110","display_name":"U.S. Department of Homeland Security","ror":"https://ror.org/00jyr0d86"},{"id":"https://openalex.org/F4320332664","display_name":"Science and Technology Directorate","ror":"https://ror.org/00jyr0d86"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":43,"referenced_works":["https://openalex.org/W23242426","https://openalex.org/W123548525","https://openalex.org/W319519186","https://openalex.org/W348147891","https://openalex.org/W1479871422","https://openalex.org/W1497959280","https://openalex.org/W1501456447","https://openalex.org/W1544708267","https://openalex.org/W1548806133","https://openalex.org/W1581255480","https://openalex.org/W1658853941","https://openalex.org/W1974205438","https://openalex.org/W2008704879","https://openalex.org/W2009489720","https://openalex.org/W2080696000","https://openalex.org/W2086658561","https://openalex.org/W2088826400","https://openalex.org/W2089052814","https://openalex.org/W2089303860","https://openalex.org/W2089448621","https://openalex.org/W2096905893","https://openalex.org/W2098129634","https://openalex.org/W2099613071","https://openalex.org/W2101000001","https://openalex.org/W2104993088","https://openalex.org/W2107147876","https://openalex.org/W2113531724","https://openalex.org/W2114488082","https://openalex.org/W2123886726","https://openalex.org/W2137569638","https://openalex.org/W2148488647","https://openalex.org/W2153329411","https://openalex.org/W2180474751","https://openalex.org/W2295709271","https://openalex.org/W2344901352","https://openalex.org/W2999598427","https://openalex.org/W4300704678","https://openalex.org/W6600897621","https://openalex.org/W6604982192","https://openalex.org/W6611187172","https://openalex.org/W6611664085","https://openalex.org/W6629649607","https://openalex.org/W6674240778"],"related_works":["https://openalex.org/W2373347319","https://openalex.org/W2033980616","https://openalex.org/W2129469317","https://openalex.org/W2466884276","https://openalex.org/W2501729297","https://openalex.org/W2079690139","https://openalex.org/W2347268541","https://openalex.org/W2363919617","https://openalex.org/W2134740279","https://openalex.org/W2041090168"],"abstract_inverted_index":{"Database":[0],"Management":[1],"Systems":[2],"(DBMSs)":[3],"provide":[4],"access":[5,17,29,59,66,104],"control":[6,30,105],"mechanisms":[7,23],"that":[8,169,214,354],"allow":[9],"database":[10,71,101,244,317],"administrators":[11],"(DBAs)":[12],"to":[13,19,33,98,116,127,133,147,171,188,220,282,309,316,360],"grant":[14],"application":[15,110,135,185,216,231,285,294],"programs":[16,111,119,136],"privileges":[18],"databases.":[20],"Though":[21],"such":[22,77,173,319],"are":[24,120,137],"powerful,":[25],"in":[26,40,90,186,225,280],"practice":[27],"finer-grained":[28],"mechanism":[31,50,106,145,277,306,338,370],"tailored":[32,315],"the":[34,37,41,91,114,118,131,161,179,184,197,211,215,222,226,230,238,243,247,253,257,264,284,311,348,368],"semantics":[35],"of":[36,65,88,130,163,183,193,256,273,293,299,365],"data":[38,84,115,132,312],"stored":[39],"DMBS":[42],"is":[43,73,125,177,261,266,278,307,358],"required":[44],"as":[45,79,268,320,332],"a":[46,70,144,190,200,203,233,235,262,303,340],"first":[47],"class":[48],"defense":[49],"against":[51,252],"smart":[52],"attackers.":[53],"Hence,":[54,141],"custom":[55],"written":[56],"applications":[57,93,97,318],"which":[58,117,134],"databases":[60],"implement":[61],"an":[62,164],"additional":[63],"layer":[64],"control.":[67],"Therefore,":[68],"securing":[69],"alone":[72],"not":[74,121],"enough":[75],"for":[76,139,205],"applications,":[78],"attackers":[80],"aiming":[81],"at":[82],"stealing":[83],"can":[85,107],"take":[86],"advantage":[87,272],"vulnerabilities":[89,295],"privileged":[92],"and":[94,181,209,245,250,326,347,367],"make":[95],"these":[96],"issue":[99],"malicious":[100,149],"queries.":[102],"An":[103],"only":[108],"prevent":[109,128],"from":[112,152,313,328],"accessing":[113],"authorized,":[122],"but":[123],"it":[124,241],"unable":[126],"misuse":[129],"authorized":[138,154],"access.":[140],"we":[142,159,287],"need":[143,288],"able":[146,308],"detect":[148],"behavior":[150],"resulting":[151],"previously":[153],"applications.":[155],"In":[156],"this":[157],"paper,":[158],"present":[160],"architecture":[162],"anomaly":[165,275],"detection":[166,227,276,369],"mechanism,":[167],"DetAnom,":[168],"aims":[170],"solve":[172],"problem.":[174],"Our":[175],"approach":[176],"based":[178],"analysis":[180],"profiling":[182,356],"order":[187,281],"create":[189],"succinct":[191],"representation":[192],"its":[194],"interaction":[195],"with":[196,339],"database.":[198],"Such":[199],"profile":[201],"keeps":[202],"signature":[204,249],"every":[206],"submitted":[207],"query":[208,239,265],"also":[210,327],"corresponding":[212,248],"constraints":[213,251],"program":[217],"must":[218],"satisfy":[219],"submit":[221],"query.":[223],"Later,":[224],"phase,":[228],"whenever":[229],"issues":[232],"query,":[234],"module":[236],"captures":[237],"before":[240],"reaches":[242],"verifies":[246],"current":[254],"context":[255],"application.":[258],"If":[259],"there":[260],"mismatch,":[263],"marked":[267],"anomalous.":[269],"The":[270],"main":[271],"our":[274,305,337,355],"that,":[279],"build":[283],"profiles,":[286],"neither":[289],"any":[290,297],"previous":[291],"knowledge":[292],"nor":[296],"example":[298],"possible":[300],"attacks.":[301],"As":[302],"result,":[304],"protect":[310],"attacks":[314,331],"code":[321],"modification":[322],"attacks,":[323],"SQL":[324],"injections,":[325],"other":[329],"data-centric":[330],"well.":[333],"We":[334],"have":[335],"implemented":[336],"software":[341],"testing":[342,346],"technique":[343,357],"called":[344],"concolic":[345],"PostgreSQL":[349],"DBMS.":[350],"Experimental":[351],"results":[352],"show":[353],"close":[359],"accurate,":[361],"requires":[362],"acceptable":[363],"amount":[364],"time,":[366],"incurs":[371],"low":[372],"runtime":[373],"overhead.":[374]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":2},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":4},{"year":2020,"cited_by_count":4},{"year":2019,"cited_by_count":7},{"year":2018,"cited_by_count":3},{"year":2017,"cited_by_count":3},{"year":2016,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}