{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,28]],"date-time":"2025-03-28T06:27:18Z","timestamp":1743143238143,"version":"3.40.3"},"publisher-location":"Cham","reference-count":18,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030172763"},{"type":"electronic","value":"9783030172770"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-17277-0_7","type":"book-chapter","created":{"date-parts":[[2019,4,24]],"date-time":"2019-04-24T09:55:51Z","timestamp":1556099751000},"page":"113-133","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Techniques and Systems for Anomaly Detection in Database Systems"],"prefix":"10.1007","author":[{"given":"Asmaa","family":"Sallam","sequence":"first","affiliation":[]},{"given":"Elisa","family":"Bertino","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,4,25]]},"reference":[{"key":"7_CR1","series-title":"Advances in Information Security","doi-asserted-by":"publisher","first-page":"69","DOI":"10.1007\/978-0-387-77322-3_5","volume-title":"Insider Attack and Cyber Security","author":"MB Salem","year":"2008","unstructured":"Salem, M.B., Hershkop, S., Stolfo, S.J.: A survey of insider attack detection research. In: Stolfo, S.J., Bellovin, S.M., Keromytis, A.D., Hershkop, S., Smith, S.W., Sinclair, S. (eds.) Insider Attack and Cyber Security. ADIS, vol. 39, pp. 69\u201390. Springer, Boston (2008). \n                      https:\/\/doi.org\/10.1007\/978-0-387-77322-3_5"},{"key":"7_CR2","unstructured":"Software Engineering Institute: Analytic approaches to detect insider threats. Technical report, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA (2015). \n                      http:\/\/resources.sei.cmu.edu\/library\/asset-view.cfm?assetid=451065\n                      \n                    . Accessed 28 Oct 2016"},{"issue":"5","key":"7_CR3","doi-asserted-by":"publisher","first-page":"1063","DOI":"10.1007\/s00778-007-0051-4","volume":"17","author":"A Kamra","year":"2008","unstructured":"Kamra, A., Terzi, E., Bertino, E.: Detecting anomalous access patterns in relational databases. VLDB J. 17(5), 1063\u20131077 (2008)","journal-title":"VLDB J."},{"key":"7_CR4","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"382","DOI":"10.1007\/978-3-642-15512-3_20","volume-title":"Recent Advances in Intrusion Detection","author":"S Mathew","year":"2010","unstructured":"Mathew, S., Petropoulos, M., Ngo, H.Q., Upadhyaya, S.: A data-centric approach to insider attack detection in database systems. In: Jha, S., Sommer, R., Kreibich, C. (eds.) RAID 2010. LNCS, vol. 6307, pp. 382\u2013401. Springer, Heidelberg (2010). \n                      https:\/\/doi.org\/10.1007\/978-3-642-15512-3_20"},{"key":"7_CR5","doi-asserted-by":"crossref","unstructured":"Sallam, A., Xiao, Q., Bertino, E., Fadolalkarim, D.: Anomaly detection techniques for database protection against insider threats. In: 2016 IEEE International Conference on Information Reuse and Integration, IRI 2016, Pittsburgh, PA, USA, pp. 28\u201330 (2016)","DOI":"10.1109\/IRI.2016.12"},{"issue":"6","key":"7_CR6","first-page":"231","volume":"6","author":"A Sallam","year":"2016","unstructured":"Sallam, A., Fadolalkarim, D., Bertino, E., Xiao, Q.: Data and syntax centric anomaly detection for relational databases. Wiley Interdisc. Rev.: Data Min. Knowl. Disc. 6(6), 231\u2013239 (2016)","journal-title":"Wiley Interdisc. Rev.: Data Min. Knowl. Disc."},{"key":"7_CR7","doi-asserted-by":"crossref","unstructured":"Sallam, A., Bertino, E.: Detection of temporal data ex-filtration threats to relational databases. In: Proceedings of the 4th IEEE International Conference on Collaboration and Internet Computing, CIC 2018, Philadelphia, PA, USA. IEEE (2018)","DOI":"10.1109\/CIC.2018.00030"},{"key":"7_CR8","doi-asserted-by":"crossref","unstructured":"Sallam, A., Bertino, E.: Detection of temporal insider threats to relational databases. In: 2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC), pp. 406\u2013415 (2017)","DOI":"10.1109\/CIC.2017.00058"},{"key":"7_CR9","doi-asserted-by":"crossref","unstructured":"Sallam, A., Bertino, E.: Result-based detection of insider threats to relational databases. In: Proceedings of the 9th ACM Conference on Data and Application Security and Privacy, CODASPY 2019, pp. 25\u201335. ACM (2015)","DOI":"10.1145\/3292006.3300039"},{"key":"7_CR10","doi-asserted-by":"crossref","unstructured":"Mazzawi, H., Dalal, G., Rozenblatz, D., Ein-Dorx, L., Niniox, M., Lavi, O.: Anomaly detection in large databases using behavioral patterning. In: 2017 IEEE 33rd International Conference on Data Engineering (ICDE), April 2017, pp. 1140\u20131149 (2017)","DOI":"10.1109\/ICDE.2017.158"},{"key":"7_CR11","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"851","DOI":"10.1007\/11408079_77","volume-title":"Database Systems for Advanced Applications","author":"Q Yao","year":"2005","unstructured":"Yao, Q., An, A., Huang, X.: Finding and analyzing database user sessions. In: Zhou, L., Ooi, B.C., Meng, X. (eds.) DASFAA 2005. LNCS, vol. 3453, pp. 851\u2013862. Springer, Heidelberg (2005). \n                      https:\/\/doi.org\/10.1007\/11408079_77"},{"issue":"2","key":"7_CR12","doi-asserted-by":"publisher","first-page":"483","DOI":"10.1109\/JSYST.2015.2487221","volume":"11","author":"A Sallam","year":"2017","unstructured":"Sallam, A., Bertino, E., Hussain, S.R., Landers, D., Lefler, R.M., Steiner, D.: DBSAFE - an anomaly detection system to protect databases from exfiltration attempts. IEEE Syst. J. 11(2), 483\u2013493 (2017)","journal-title":"IEEE Syst. J."},{"issue":"4","key":"7_CR13","doi-asserted-by":"publisher","first-page":"277","DOI":"10.14778\/2732240.2732246","volume":"7","author":"DE Difallah","year":"2013","unstructured":"Difallah, D.E., Pavlo, A., Curino, C., Cudre-Mauroux, P.: OLTP-Bench: an extensible testbed for benchmarking relational databases. Proc. VLDB Endow. 7(4), 277\u2013288 (2013)","journal-title":"Proc. VLDB Endow."},{"key":"7_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1007\/978-3-540-75294-3_15","volume-title":"Dependable Computing","author":"J Fonseca","year":"2007","unstructured":"Fonseca, J., Vieira, M., Madeira, H.: Integrated intrusion detection in databases. In: Bondavalli, A., Brasileiro, F., Rajsbaum, S. (eds.) LADC 2007. LNCS, vol. 4746, pp. 198\u2013211. Springer, Heidelberg (2007). \n                      https:\/\/doi.org\/10.1007\/978-3-540-75294-3_15"},{"issue":"99","key":"7_CR15","first-page":"1","volume":"PP","author":"L Bossi","year":"2016","unstructured":"Bossi, L., Bertino, E., Hussain, S.: A system for profiling and monitoring database access patterns by application programs for anomaly detection. IEEE Trans. Softw. Eng. PP(99), 1 (2016)","journal-title":"IEEE Trans. Softw. Eng."},{"key":"7_CR16","doi-asserted-by":"crossref","unstructured":"Hussain, S.R., Sallam, A.M., Bertino, E.: DetAnom: detecting anomalous database transactions by insiders. In: Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, CODASPY 2015, pp. 25\u201335. ACM (2015)","DOI":"10.1145\/2699026.2699111"},{"key":"7_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"123","DOI":"10.1007\/11506881_8","volume-title":"Detection of Intrusions and Malware, and Vulnerability Assessment","author":"F Valeur","year":"2005","unstructured":"Valeur, F., Mutz, D., Vigna, G.: A learning-based approach to the detection of SQL attacks. In: Julisch, K., Kruegel, C. (eds.) DIMVA 2005. LNCS, vol. 3548, pp. 123\u2013140. Springer, Heidelberg (2005). \n                      https:\/\/doi.org\/10.1007\/11506881_8"},{"key":"7_CR18","first-page":"27","volume":"32","author":"E Costante","year":"2017","unstructured":"Costante, E., Vavilis, S., Etalle, S., den Hartog, J., Petkovi\u0107, M., Zannone, N.: A white-box anomaly-based framework for database leakage detection. J. Inf. Secur. Appl. 32, 27\u201346 (2017)","journal-title":"J. Inf. Secur. Appl."}],"container-title":["Lecture Notes in Computer Science","Policy-Based Autonomic Data Governance"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-17277-0_7","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T09:45:29Z","timestamp":1558345529000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-17277-0_7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030172763","9783030172770"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-17277-0_7","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"25 April 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}