Database Intrusion Detection Systems (DIDs): Insider Threat Detection via Behavioural-based Anomaly Detection Systems -- A Brief Survey of Concepts and Approaches

Abstract: One of the data security and privacy concerns is of insider threats, where legitimate users of the system abuse the access privileges they hold. The insider threat to data security means that an insider steals or leaks sensitive personal information. Database Intrusion detection systems, specifically behavioural-based database intrusion detection systems, have been shown effective in detecting insider attacks. This paper presents background concepts on database intrusion detection systems in the context of detecting insider threats and examines existing approaches in the literature on detecting malicious accesses by an insider to Database Management Systems (DBMS).