Abstract: There are several commercial real-time database security monitoring platforms available on the market. These commercial platforms are mostly available for major databases. They are not readily available for new commercial databases and open-source databases. This paper proposes a framework to establish real-time security monitoring for databases that are not supported by any of the commercial platforms. The framework implements selective native database auditing functionality that forwards audit entries to a Security Information and Event Management (SIEM) system via the operating system log forwarding daemon. The framework focuses primarily on protecting the database from insider threats. The solution can be used as a permanent solution or as an interim workaround until the database is supported by a commercial platform.
Keywords: database auditing, real-time security monitoring.
Title: REAL-TIME DATABASE SECURITY MONITORING FRAMEWORK USING NATIVE DATABASE AUDITING
Authors: Yahya H. Dossary, Hamad A. Maghlouth
International Journal of Computer Science and Information Technology Research
ISSN 2348-1196 (print), ISSN 2348-120X (online)
Research Publish Journals