As an information-rich collective,
there are always some people who choose to take risks for some ulterior purpose
and others are committed to finding ways to deal with database security
threats. The purpose of database security research is to prevent the database
from being illegally used or destroyed. This paper introduces the main literature
in the field of database security research in recent years. First of all, we
classify these papers, the classification criteria are the influencing
factors of database security. Compared with the traditional and machine
learning (ML) methods, some explanations of concepts are interspersed to make
these methods easier to understand. Secondly, we find that the related research
has achieved some gratifying results, but there are also some shortcomings,
such as weak generalization, deviation from reality. Then, possible future work
in this research is proposed. Finally, we summarize the main contribution.
References
[1]
Meng, J. (2018) Security Threats and Countermeasures of Computer Network Database. PC Fan, 23, 37-37.
[2]
Meng, X.F., Ma, C.H. and Yang, C. (2019) Review of Machine Learning Database System. Computer Research and Development, 56, 1803-1820.
[3]
Zhan, S.Q. (2017) Security Threats and Measures of Computer Network Database. Telecom World, 3, 39-40.
[4]
Ni, Q. and Mao, Y.G. (2014) Database Security in Measurement Management Information System. Computer and Modernization, 1, 182-185+191.
[5]
Wang, X., Zhu, Z.X., Shi, C.Y., et al. (2014) Encryption and Decryption Engine System for Database Security Protection. Computer Research and Development, 24, 143-146.
[6]
Huang, B.H., Jia, F.W. and Wang, T.J. (2016) Attribute Based Database Access Control Policy under Cloud Storage Platform. Computer Science, 43, 167-173.
[7]
Zhang, J.X., Chen, M.L. and Wang, Q. (2010) Intrusion Threat and Protection Strategy of Web Database. Science and Technology Bulletin, 26, 769-773.
[8]
Mei, H.W., Li, C.H. and Zhang, M.Q. (2010) Enterprise Database Security Strategy Based on Improved AES Algorithm. Microcomputer Information, 26, 19-21.
[9]
Dandekar, S.C., Ahire, P.G. and Rao, J. (2018) Improved Secret Information Hiding Using SHA-256 and Invisible ASCII Character Replacement Technology. 2018 Fourth International Conference on Computing Communication Control and Automation, Pune, 16-18 August 2018, 1-4. https://doi.org/10.1109/ICCUBEA.2018.8697764
[10]
Andrey, A. and Natalya, Z. (2018) Mathematical Model of Symmetric Cryptoalgorithm Based on Representing Mumbers as Sums of Special Code Elements. 2018 Global Smart Industry Conference, Chelyabinsk, 13-15 November 2018, 1-6. https://doi.org/10.1109/GloSIC.2018.8570078
[11]
Ahmad, A., Ahmad, M., Habib, M.A., Sarwar, S., Chaudhry, J., Latif, M.A., et al. (2019) Parallel Query Execution over Encrypted Data in Database-as-a-Service (DaaS). The Journal of Supercomputing, 75, 2269-2288. https://doi.org/10.1007/s11227-019-02831-8
[12]
Uma Maheswari, S. and Vasanthanayaki, C. (2019) Secure Medical Health Care Content Protection System (SMCPS) with Watermark Detection for Multi Cloud Computing Environment. Multimedia Tools and Applications, 79, 4075-4097. https://doi.org/10.1007/s11042-019-7724-z
[13]
He, X.Y., Pei, C.X. and Yi, Y.H. (2015) A Low Complexity Quantum Private Information Retrieval Protocol. Journal of Xi’an University of Electronic Science and Technology (Natural Science), No. 5, 33-37, 74. http://dx.chinadoi.cn/10.3969/j.issn.1001-2400.2015.05.006
[14]
Shumeet, B. (2019) Hiding Images within Images. IEEE Transactions on Pattern Analysis and Machine Intelligence, 42, 1685-1697. https://doi.org/10.1109/TPAMI.2019.2901877
[15]
Wang, X.M. and Yuan, D.B. (2010) Privacy-Protecting Outsourcing Database Query Verification Technology. Journal of Beijing University of Technology, 36, 703-709.
[16]
Karamacoski, J., Paunkoska, N., Marina, N. and Pun
čeva, M. (2019) Blockchain for Reliable and Secure Distributed Communication Channel. 2019 IEEE International Conference on Industry 4.0, Artificial Intelligence, and Communications Technology, Bali, 1-3 July 2019, 91-97. https://doi.org/10.1109/ICIAICT.2019.8784853
[17]
Gutte, V.S. and Deshpande, P. (2015) Cost and Communication Efficient Auditing over Public Cloud. 2015 International Conference on Computational Intelligence and Communication Networks, Jabalpur, 12-14 December 2015, 807-810. https://doi.org/10.1109/CICN.2015.164
[18]
Nguyen Minh, T. and Khorev, P.B. (2019) Information Risks in the Cloud Environment and Cloud-Based Secure Information System Model. 2019 International Youth Conference on Radio Electronics, Electrical and Power Engineering, Moscow, 14-15 March 2019, 1-6. https://doi.org/10.1109/REEPE.2019.8708845
[19]
Tarik, B. and Zakaria, E. (2019) Privacy Preserving Feature Selection for Vertically Distributed Medical Data based on Genetic Algorithms and Naïve Bayes. International Journal of Information System Modeling and Design, 9, 1-22. https://doi.org/10.4018/IJISMD.2018070101
[20]
Wang, S.Y. (2015) Research on Intrusion Detection Method Based on Machine Learning. Journal of Chaohu College, 17, 25-27. http://dx.chinadoi.cn/10.3969/j.issn.1672-2868.2015.06.006
[21]
Piggin, R. and Buffey, I. (2016) Active Defense Using an Operational Technology Honeypot. 11th International Conference on System Safety and Cyber-Security, London, 11-13 October 2016, 1-6. https://doi.org/10.1049/cp.2016.0860
[22]
Ioana Vatajelu, E., Di Natale, G., Torres, L. and Paolo Prinetto (2015) STT- MRAM-Based Strong PUF Architecture. 2015 IEEE Computer Society Annual Symposium on VLSI, Montpellier, 8-10 July 2015, 467-472. https://doi.org/10.1109/ISVLSI.2015.128
[23]
Yin, S.H., Bae, C.S., Kim, S.J. and Seo, J.-S. (2017) Designing ECG-Based Physical Unclonable Function for Security of Wearable Devices. 2017 39th Annual International Conference of the IEEE Engineering in Medicine and Biology Society, Jeju Island, 11-15 July 2017, 3509-3512. https://doi.org/10.1109/EMBC.2017.8037613
[24]
Kumar Patro, K., Prakasa Rao Reddi, S., Ebraheem Khalelulla, S.K., Rajesh Kumar, P. and Shankar, K. (2019) ECG Data Optimization for Biometric Human Recognition Using Statistical Distributed Machine Learning Algorithm. Journal of Supercomputing, 76, 858-875. https://doi.org/10.1007/s11227-019-03022-1
[25]
Kumar Patro, K., Rajesh Kumar, P. (2017) Machine Learning Classification Approaches for Biometric Recognition System Using ECG Signals. Journal of Engineering Science and Technology Review, 10, 1-8. https://doi.org/10.25103/jestr.106.01
[26]
Li, L., Qin, X.L. and Dai, H. (2013) Damage Tolerance Data Query Degradation Service Mechanism. Computer Science, 40, 90-93.
[27]
Yin, T.F., Xie, X.L. and Mei, X.L. (2014) Detection Mechanism of Database Tampering Based on Digital Signature and HSM. Journal of East China University of Technology (Natural Science), 40, 376-380. http://dx.chinadoi.cn/10.3969/j.issn.1006-3080.2014.03.018
[28]
Xian, H.Q. and Feng, D.G. (2010) Integrity Detection Scheme in Qutsourced Database Model. Computer Research and Development, 47, 1107-1115.
[29]
Lai, Q.N., Chen, S.Y., Ma, H., et al. (2016) Batch Web Page Tampering Detection Method Based on Machine Learning. Journal of Central China University of Science and Technology (Natural Science Edition), 44, 16-20. http://dx.chinadoi.cn/10.13245/j.hust.161104
[30]
Kushko, E.A. and Parotkin, N.Y. (2019) Efficiency Evaluation of Secure Data Communication Protocols Stack Based on Dynamic Network Topology. 2019 International Russian Automation Conference, Sochi, 8-14 September 2019, 1-6. https://doi.org/10.1109/RUSAUTOCON.2019.8867782
[31]
Kim, A., Song, Y., Kim, M. and Cheon, J.H. (2018) Logistic Regression Model Training Based on the Approximate Homomorphic Encryption. BMC Medical Genomics, 11, Article No. 83. https://doi.org/10.1186/s12920-018-0401-7
[32]
Li, B., Chen, M.Y. and Gu, F.Q. (2010) Research and Implementation of Database Cross-Network Access. Power System Automation, 34, 103-105.
[33]
Chen, L. and Yuan, X.P. (2010) Analysis and Improvement of Information Acquisition Technology for Database Server. Computer and Modernization, 181, 94-96.
[34]
Liu, D. (2017) Database Intrusion Detection System Based on Naïve Bayesian Classification Algorithm. Network Space Security, 8, 32-34.
[35]
Sapegin, A., Gawron, M., Jaeger, D., Cheng, F. and Meinel, C. (2017) Evaluation of In-Memory Storage Engine for Machine Learning Analysis of Security Events. Concurrency and Computation: Practice and Experience, 29, e3800. https://doi.org/10.1002/cpe.3800
[36]
Xu, P.J., Zheng, J. and Xu, M.J. (2015) Role-based Multilevel Security Database Model. Computer Engineering, 41, 135-138.
[37]
He, B.Y. and Liu, R. (2013) Oracel and SQL Server Database Security Baseline Review. Journal of Yunnan University (Natural Science Edition), 35, 63-68.
[38]
An, H.X. and Xu, Y.S. (2010) Dynamic Multi-Connection Pool for Efficient Database Access. Microcomputer Application, 31, 34-41. http://dx.chinadoi.cn/10.3969/j.issn.2095-347X.2010.12.006
[39]
Yang, X.Y. and Gan, L.M. (2018) Non-Relational Database Security Research of NOSQL Based on Hadoop. Microcomputer Application, 34, 43-45. http://dx.chinadoi.cn/10.3969/j.issn.1007-757X.2018.12.015
[40]
Chang, Y., Wu, L.F. and Shiann, M.W. (2017) A Study on the Impact of Regulatory Compliance Awareness on Security Management Performance and Information Technology Capabilities. 2017 13th International Conference on Natural Computation, Fuzzy Systems and Knowledge Discovery, Guilin, 29-31 July 2017, 2866-2871.
Kozlov, D. and Noga, N.L. (2018) Risk Management for Information Security of Corporate Information Systems Using Cloud Technology. 2018 11th International Conference “Management of Large-Scale System Development”, Moscow, 1-3 October 2018, 1-5. https://doi.org/10.1109/MLSD.2018.8551947
[43]
Zhang, Y.F., Tang, E.Y., Su, D.Z., Kuang H.-Y. and Chen, X. (2018) Intelligent Software Security Evaluation Method Driven by Natural Language Data. Journal of Software, 29, 2336-2349. http://dx.chinadoi.cn/10.13328/j.cnki.jos.005526
[44]
Prabu, S., Lakshmanan, M. and Noor Mohammed V. (2019) A Multimodal Authentication for Biometric Recognition System using Intelligent Hybrid Fusion Techniques. Journal of Medical Systems, 43, Article No. 249. https://doi.org/10.1007/s10916-019-1391-5
[45]
Coúkun, M., Uçar, A.l, Yildinm, O. and Demir, Y. (2017) Face Recognition Based on Convolutional Neural Network. 2017 International Conference on Modern Electrical and Energy Systems, Kremenchuk, 15-17 November 2017, 376-379. https://doi.org/10.1109/MEES.2017.8248937
[46]
Aishwarya, K., Suresh Kumar, B., Viswanadha Raju, S. (2019) Facial Recognition Using Aggregation and Random Forest Classification Method. Journal of Physics: Conference Series, 1362, 1-9. https://doi.org/10.1088/1742-6596/1362/1/012078
[47]
Zhou, Z.H. (2016) Machine Learning. Tsinghua University Press, Beijing.
[48]
Otti, C. (2016) Comparison of Biometric Identification Methods. 2016 11th IEEE International Symposium on Applied Computational Intelligence and Informatics, Timisoara, 12-14 May 2016, 339-344. https://doi.org/10.1109/SACI.2016.7507397
[49]
He, H.M., Tim, W., Carsten, M., Mehnen, J. and Tiwari, A. (2017) A New Semantic Attribute Deep Learning with a Linguistic Attribute Hierarchy for Spam Detection. 2017 International Joint Conference on Neural Networks, Anchorage, 14-19 May 2017, 3862-3869. https://doi.org/10.1109/IJCNN.2017.7966343
[50]
Zhang, W.W., Zheng, F.G. and Zhang, Q.W. (2015) Design and Implementation of Auditing System Based on Database Security. Journal of Zhengzhou Light Industry Institute (Natural Science Edition), 30, 69-74. http://dx.chinadoi.cn/10.3969/j.issn.2095-476X.2015.3/4.015
[51]
Yu, J. (2019) Malicious Traffic Detection Based on TensorFlow and Convolution Neural Network. 12th Academic Meeting of China Electrical Engineering Society Electric Power Communication Professional Committee, Beijing, 12-15 November 2019, 406-410.
[52]
Li, Y.F., Gong, B., Xu, D.W. and Le, J.J. (2018) Study on Database Compulsory Behavior Control in a Feasible Computing Environment. Computer Application and Software, 35, 66-72.
[53]
Ma, Z.C., Zhang, L., Yang, M.J., et al. (2015) Study on the Pattern Matching Technology and Its Application in Network Security. 2015 8th International Conference on Intelligent Computation Technology and Automation, Nanchang, 14-15 June 2015, 888-891.
[54]
Xing, G.S. and Luo, H.W. (2019) Research on Web Injection Behavior Real-time Detection Technology Based on Deep Learning. Network Security Technology and Application, No. 7, 39-40. http://dx.chinadoi.cn/10.3969/j.issn.1009-6833.2019.07.024
[55]
Hu, J.W., Zhao, W., Yan, Y. and Zhang, R. (2019) Analysis and Implementation of SQL Injection Vulnerability Mining Technology Based on Machine Learning. Information Network Security, 19, 36-42. http://dx.chinadoi.cn/10.3969/j.issn.1671-1122.2019.11.005
[56]
Ogbomon Uwagbole, S., Buchanan, W.J. and Fan, L. (2017) An Applied Pattern-Driven Corpus to Predictive Analytics in Mitigating SQL Injection Attack. 2017 7th International Conference on Emerging Security Technologies, Canterbury, 6-8 September 2017, 12-17. https://doi.org/10.1109/EST.2017.8090392
[57]
Xiang, C.Z. and Li, X.M. (2011) Design of Database Security Agent Based on SSL. Coal Technology, 30, 135-137.
[58]
Fu, S.G. (2012) Strategies for the Construction of Database Security Defense System. Coal Technology, 31, 174-175. http://dx.chinadoi.cn/10.3969/j.issn.1008-8725.2012.05.077
[59]
Seok, J.B. and Sung, B.C. (2017) A Hybrid System of Deep Learning and Learning Classifier System for Database Intrusion Detection. 2017 International Conference on Hybrid Artificial Intelligence Systems, La Rioja, 21-23 June 2017, 615-625. https://doi.org/10.1007/978-3-319-59650-1_52
[60]
Wang, Z.P. and Liu, C.G. (2011) Research and Implementation of Database Security Monitoring Technology. Coal Technology, 30, 116-118.
[61]
Li, R., Zhao, L. and Yang, J.W. (2010) An Application-Level Database Intrusion Detection Method. Computer Applications and Software, 27, 280-283.
[62]
Tang, Q.B., Yang, B. and Pan, L.M. (2019) Research on Anti-Scan Technology Based on Machine Learning. Information Security Research, 5, 303-308.
[63]
Zhang, X. (2018) Network Intrusion Detection Based on Machine Learning Algorithm. Modern Electronic Technology, 41, 124-127.
[64]
Lee, J.-H., Kim, I.K. and Han, K.J. (2015) An Abnormal Connection Detection System based on Network Flow Analysis. 2015 IEEE 5th International Conference on Consumer Electronics Berlin, Berlin, 6-9 September 2015, 71-75. https://doi.org/10.1109/ICCE-Berlin.2015.7391336
[65]
Salimov, A.S., Dolgopolov, N.M., Sukhov, A.M. and Sagatov, E.S. (2018) Application of SDN Technologies to Protect Against Network Intrusions. 2018 International Scientific and Technical Conference Modern Computer Network Technologies, Moscow, 25-26 October 2018, 1-9. https://doi.org/10.1109/MoNeTeC.2018.8572127
[66]
Subudhi, S., Kumar Behera, T. and Panigrahi, S. (2017) Use of OPTICS and Supervised Learning Methods for Database Intrusion Detection. 2017 3rd International Conference on Computational Intelligence and Networks, Odisha, 28 October 2017, 78-82. https://doi.org/10.1109/CINE.2017.10
[67]
Liu, W. and Li, S.Y. (2019) Android Mobile Application Detection Research. Computer Applications and Software, 36, 322-326.
[68]
Chen, K., Zhang, Y.J. and Liu, P. (2018) Leveraging Information Asymmetry to Transform Android Apps into Self-Defending Code Against Repackaging Attacks. IEEE Transactions on Mobile Computing, 17, 1879-1893. https://doi.org/10.1109/TMC.2017.2782249
[69]
Lin, X.B., Lin, Y.P., Li, H. and Zhang, J.L. (2020) A Novel Method for Malware Detection on ML-based Visualization Technique. Computers & Security, 89, Article ID: 101682. https://doi.org/10.1016/j.cose.2019.101682
[70]
Ajay Kumara, M.A. and Jaidhar, C.D. (2018) Automated Multi-Level Malware Detection System Based on Reconstructed Semantic View of Executables Using Machine Learning Techniques at VMM. Future Generation Computer Systems, 79, 431-446. https://doi.org/10.1016/j.future.2017.06.002
[71]
Chandel, S., Ni, T.-Y. and Yang, G. (2018) Enterprise Cloud: Its Growth & Security Challenges in China. 2018 5th IEEE International Conference on Cyber Security and Cloud Computing/2018 4th IEEE International Conference on Edge Computing and Scalable Cloud, Shanghai, 22-24 June 2018, 144-152. https://doi.org/10.1109/CSCloud/EdgeCom.2018.00034
[72]
Ahmed Khalaf, B. and Mostafa, S.A., Mustapha, A. Abed Mohammed, M. and Mustafa, A.W. (2019) Comprehensive Review of Artificial Intelligence and Statistical Approaches in Distributed Denial of Service Attack and Defense Methods. IEEE Access, 7, 51691-51713. https://doi.org/10.1109/ACCESS.2019.2908998
[73]
Liu, Z.T., Jin, H., Hu, Y.-C. and Bailey, M. (2018) Practical Proactive DDoS-Attack Mitigation via Endpoint-Driven In-Network Traffic Control. IEEE/ACM Transactions on Networking, 26, 1948-1961. https://doi.org/10.1109/TNET.2018.2854795
[74]
Ali, S. and Li, A. (2019) Learning Multilevel Auto-Encoders for DDoS Attack Detection in Smart Grid Network. IEEE Access, 7, 108647-108659. https://doi.org/10.1109/ACCESS.2019.2933304
[75]
Mohammad-Mahdi, B., Thibaut, S., Marc, L., Südholt, M. and Menaud, J.-M.(2018) Cache-Based Side-Channel Attacks Detection through Intel Cache Monitoring Technology and Hardware Performance Counters. 2018 3rd International Conference on Fog and Mobile Edge Computing, Barcelona, 23-26 April 2018, 1-6.
[76]
Rajendran, J., Karri, R., Wendt, J.B., Potkonjak, M., McDonald, N., Rose, G.S. and Wysocki, B. (2015) Nano Meets Security: Exploring Nano Electronic Devices for Security Applications. Proceedings of the IEEE, 103, 829-849. https://doi.org/10.1109/JPROC.2014.2387353
