{"id":"https://openalex.org/W2923749684","doi":"https://doi.org/10.1145/3292006.3300039","title":"Result-Based Detection of Insider Threats to Relational Databases","display_name":"Result-Based Detection of Insider Threats to Relational Databases","publication_year":2019,"publication_date":"2019-03-13","ids":{"openalex":"https://openalex.org/W2923749684","doi":"https://doi.org/10.1145/3292006.3300039","mag":"2923749684"},"language":"en","primary_location":{"id":"doi:10.1145/3292006.3300039","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3292006.3300039","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5078371791","display_name":"Asmaa Sallam","orcid":null},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Asmaa Sallam","raw_affiliation_strings":["Purdue University, West Lafayette, IN, USA"],"affiliations":[{"raw_affiliation_string":"Purdue University, West Lafayette, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5061694501","display_name":"Elisa Bertino","orcid":"https://orcid.org/0000-0002-4029-7051"},"institutions":[{"id":"https://openalex.org/I219193219","display_name":"Purdue University West Lafayette","ror":"https://ror.org/02dqehb95","country_code":"US","type":"education","lineage":["https://openalex.org/I219193219"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elisa Bertino","raw_affiliation_strings":["Purdue University, West Lafayette, IN, USA"],"affiliations":[{"raw_affiliation_string":"Purdue University, West Lafayette, IN, USA","institution_ids":["https://openalex.org/I219193219"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5078371791"],"corresponding_institution_ids":["https://openalex.org/I219193219"],"apc_list":null,"apc_paid":null,"fwci":1.4147,"has_fulltext":false,"cited_by_count":14,"citation_normalized_percentile":{"value":0.82839721,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":97},"biblio":{"volume":null,"issue":null,"first_page":"133","last_page":"143"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11512","display_name":"Anomaly Detection Techniques and Applications","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12127","display_name":"Software System Performance and Reliability","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/insider-threat","display_name":"Insider threat","score":0.8810973763465881},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8066968321800232},{"id":"https://openalex.org/keywords/anomaly-detection","display_name":"Anomaly detection","score":0.7303950786590576},{"id":"https://openalex.org/keywords/flagging","display_name":"Flagging","score":0.6639354228973389},{"id":"https://openalex.org/keywords/insider","display_name":"Insider","score":0.646770715713501},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.5614665150642395},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.5332552790641785},{"id":"https://openalex.org/keywords/constant-false-alarm-rate","display_name":"Constant false alarm rate","score":0.49783992767333984},{"id":"https://openalex.org/keywords/information-retrieval","display_name":"Information retrieval","score":0.35815638303756714},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.10164192318916321}],"concepts":[{"id":"https://openalex.org/C2776633304","wikidata":"https://www.wikidata.org/wiki/Q6038026","display_name":"Insider threat","level":3,"score":0.8810973763465881},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8066968321800232},{"id":"https://openalex.org/C739882","wikidata":"https://www.wikidata.org/wiki/Q3560506","display_name":"Anomaly detection","level":2,"score":0.7303950786590576},{"id":"https://openalex.org/C2777548347","wikidata":"https://www.wikidata.org/wiki/Q5456937","display_name":"Flagging","level":2,"score":0.6639354228973389},{"id":"https://openalex.org/C2778971194","wikidata":"https://www.wikidata.org/wiki/Q1664551","display_name":"Insider","level":2,"score":0.646770715713501},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.5614665150642395},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.5332552790641785},{"id":"https://openalex.org/C77052588","wikidata":"https://www.wikidata.org/wiki/Q644307","display_name":"Constant false alarm rate","level":2,"score":0.49783992767333984},{"id":"https://openalex.org/C23123220","wikidata":"https://www.wikidata.org/wiki/Q816826","display_name":"Information retrieval","level":1,"score":0.35815638303756714},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.10164192318916321},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C95457728","wikidata":"https://www.wikidata.org/wiki/Q309","display_name":"History","level":0,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C166957645","wikidata":"https://www.wikidata.org/wiki/Q23498","display_name":"Archaeology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3292006.3300039","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3292006.3300039","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W33933511","https://openalex.org/W1481547447","https://openalex.org/W1974205438","https://openalex.org/W2088826400","https://openalex.org/W2104103390","https://openalex.org/W2125793385","https://openalex.org/W2163345053","https://openalex.org/W2168683140","https://openalex.org/W2525015842","https://openalex.org/W2557071868","https://openalex.org/W2561748473","https://openalex.org/W2614763420","https://openalex.org/W2773431523","https://openalex.org/W2808820642","https://openalex.org/W2900672387"],"related_works":["https://openalex.org/W2766781562","https://openalex.org/W4205304595","https://openalex.org/W2979782961","https://openalex.org/W308359497","https://openalex.org/W1499596878","https://openalex.org/W3136170567","https://openalex.org/W2947769183","https://openalex.org/W2018332730","https://openalex.org/W4387194049","https://openalex.org/W2286217954"],"abstract_inverted_index":{"Insiders":[0],"misuse":[1,66],"of":[2,45,53,78,102,105,110,120,127,178,215,221],"resources":[3],"is":[4,37,237],"a":[5,216],"real":[6,217],"threat":[7],"to":[8,11,21,61,71,87,136,150,162,168,194,199],"organizations.":[9],"According":[10],"recent":[12],"security":[13],"reports,":[14],"data":[15,26,65,73,79,116,128,164,170,203,236],"has":[16],"been":[17],"the":[18,51,76,95,103,106,124,175,201,208,212,222,227],"most":[19],"vulnerable":[20],"attacks":[22],"by":[23,80,130],"insiders,":[24],"especially":[25],"located":[27],"in":[28,55,142],"databases":[29],"and":[30,75,133,166,181,234,249],"corporate":[31],"file":[32],"servers.":[33],"Although":[34],"anomaly":[35,144,151,158,251],"detection":[36,52,145,159,252],"an":[38,81],"effective":[39],"technique":[40],"for":[41,50,239],"flagging":[42],"early":[43],"signs":[44],"insider":[46,82,96],"attacks,":[47],"modern":[48],"techniques":[49,160,173,210,242],"anomalies":[54],"database":[56,186],"access":[57,187,204],"are":[58,191,231],"not":[59,98],"able":[60],"detect":[62,163,195],"several":[63],"sophisticated":[64],"scenarios":[67],"such":[68,92],"as":[69],"attempts":[70,167],"track":[72,169],"updates":[74],"aggregation":[77,165],"that":[83,197,225],"exceeds":[84],"his/her":[85,111],"need":[86],"perform":[88],"job":[89],"functions.":[90],"In":[91,153],"scenarios,":[93],"if":[94],"does":[97],"have":[99,243],"prior":[100],"knowledge":[101],"distribution":[104],"target":[107],"data,":[108],"many":[109],"queries":[112,190,196],"may":[113],"extract":[114],"no":[115],"or":[117,147],"small":[118],"amounts":[119],"data.":[121],"Therefore,":[122],"monitoring":[123],"total":[125],"size":[126],"retrieved":[129],"each":[131],"user":[132],"comparing":[134],"it":[135],"normal":[137,176,202],"levels":[138],"will":[139],"either":[140],"result":[141],"low":[143,244],"accuracy":[146],"long":[148],"time":[149],"detection.":[152],"this":[154],"paper,":[155],"we":[156],"propose":[157],"designed":[161],"updates.":[171],"Our":[172],"infer":[174],"rates":[177],"tables":[179],"references":[180],"tuples":[182],"retrievals":[183],"from":[184],"past":[185],"logs.":[188],"User":[189],"then":[192],"analyzed":[193],"lead":[198],"exceeding":[200],"rates.":[205],"We":[206],"evaluated":[207],"proposed":[209],"on":[211],"query":[213],"logs":[214],"database.":[218],"The":[219],"results":[220],"evaluation":[223],"indicate":[224],"when":[226],"system":[228],"configuration":[229],"parameters":[230],"adequately":[232],"selected":[233],"sufficient":[235],"available":[238],"training,":[240],"our":[241],"false":[245],"alarm":[246],"generation":[247],"rate":[248],"high":[250],"accuracy.":[253]},"counts_by_year":[{"year":2025,"cited_by_count":3},{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}