Titulo Estágio
Data Warehouse Intrusion Detection
Áreas de especialidade
Engenharia de Software
Local do Estágio
DEI-FCTUC
Enquadramento
Today data represent one of the most important assets of an organization or a company. Some of these data are worth millions and why organizations are increasingly important in controlling access to these Today data represent one of the most important assets of an organization or a company. Some of these data are worth millions and why organizations are increasingly important in controlling access to these data, both for internal users and external to the organization. Once the Data Warehouses (DW) store all historical data business and serve decision making support of their managers, the DW represent the repository of business secrets. Accordingly, the secure data DW is currently a critical issue.
The existing solutions proposed for the detection of suspicious activity in the DBMS are not effective in environments involving databases with decision support purposes and, as far as we know, there is no specific intrusion detection system for DWs .
Objetivo
Recently, the monitoring the activity of databases solutions that continuously watch the activity of a DBMS and all suspected relevant activities. However, these solutions are typically focused on preventing data corruption, or to avoid unwanted changes that compromise the integrity of the data. Since the DW fundamentally serve for decision support, users only perform data query actions, rather than changing data. This causes most of the existing solutions of intrusion detection DBMS are inadequate in Data Warehousing Environments.
The goal of this work is to develop mechanisms and algorithms for intrusion detection in DW. Within this context, some of the questions we want to answer are:
1. Creating profiles that succinctly represent the behavior interaction between the user and the DW.
2. Development of efficient algorithms for real-time detection of anomalous behavior by the user.
3. Development of strategies to respond to intrusions within a DW.
4. To propose an architecture for an intrusion detection system and implementation of a prototype application of the same in a data warehousing system.
It is also stage the objective conducting an experimental evaluation of the prototype is planned writing and submission of a scientific paper to a top global conference.
Plano de Trabalhos - Semestre 1
[Some tasks might overlap; M=Month]
T1 (M1 – M3): State of the art literature review on intrusion techniques in RDBMS.
T2 (M3) Design of efficient algorithms for the online detection of abnormal behavior by the user and developing strategies for responding to intrusions within a DW, using the information gathered in task T1 as basis.
T3 (M3 – M4) Propose an architecture for an intrusion detection system and define the prototype.
T4 (M5): Writing and defense of the dissertation proposal.
Plano de Trabalhos - Semestre 2
[Some tasks might overlap; M=Month]
T5 (M6): Specification of architecture, design, and testing.
T6 (M6 – M7): Implementation of the prototype application tool.
T7 (M8): Execution of experiments and analysis of results.
T8 (M9): Write a research paper and submission to a top international conference on the Database and Data Warehousing areas.
T9 (M10): Writing the dissertation.
Condições
The work will be carried out in the facilities of the Department of Informatics Engineering at the University of Coimbra (CISUC - Software and Systems Engineering Group), where a work place and necessary computer resources will be provided.
Observações
A scholarship may be available (value to be defined) for at least part of the duration of the internship.
Orientador
Jorge Bernardino
jorge@isec.pt 📩