Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Database generalization safety protection method

A technology of security protection and database, applied in the field of information security, can solve the problems of being unable to discover unknown intrusion behaviors and low false positive rate of detection models, so as to improve the overall security protection capability and reduce the false negative rate and false negative rate.

Inactive Publication Date: 2012-04-11
CHINA ELECTRIC POWER RES INST +1
View PDF5 Cites 25 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The misuse detection model has a low false positive rate, but it can only be used to detect known intrusion behaviors, and cannot discover unknown intrusion behaviors

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Database generalization safety protection method
  • Database generalization safety protection method
  • Database generalization safety protection method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0034] The following is a typical implementation of the database security gateway as an information network isolation device.

[0035] The database security gateway isolates the trusted information intranet from the untrustworthy information extranet. It must ensure that the SQL communication between the information intranet and the information extranet passes through the database security gateway for SQL detection. The database security gateway is a special device to protect the database to meet the needs of network partitioning according to the security level. Its core technology adopts a comprehensive database protection method based on the combination of abnormality and misuse. The solution of the invention can filter the network flow for accessing the Oracle / SQLSERVER database, only allow a specific application server to access a specific database server through a specific program, and control the content and behavior of the client program to access the database service.

...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a database generalization safety protection method based on abnormal and misapplication combination, which adopts a novel detection model of combining a rule-based misapplication detection technology and a machine learning-based abnormal detection technology and fuses an independent perfect database audit technology and a real-time monitoring technology. The method integrates two detection technologies, all normal accesses are judged to be illegal by a machine learning-based abnormal detection module, and abnormal accesses are judged to be illegal and not to be blocked by a rule-based misapplication detection module. The method realizes complete, strict and flexible protection of network layers of IP, protocols and ports to database application layers of access account, access base objects, access table objects, operation types, authority limits and the like, and can effectively resist attack aiming at attach of the database application layers and self vulnerability.

Description

technical field [0001] The present invention relates to the field of information security technology, and specifically relates to a new type of database comprehensive protection based on rule-based misuse detection technology and machine learning-based anomaly detection technology combined with a novel detection model, supplemented by independent and perfect database audit technology and real-time monitoring technology method. Background technique [0002] As the aggregate of information, database system is the core component of computer information system, and its security is very important. However, due to the lack of security of the database itself, attackers may access the database through abnormal channels, or even implement buffer overflow or SQL injection to attack the database, resulting in the leakage of sensitive information and endangering data security and information system security. [0003] In order to ensure the security of databases and information systems,...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06G06F17/30
Inventor 张波高昆仑赵保华郑晓崑
Owner CHINA ELECTRIC POWER RES INST
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com