Excessive Permissions Investigation with Data-Driven Account Security with Classification
Abstract
Many companies lack configuration systems due to the need to protect assets from unauthorized access by individuals or groups. Data mining can help by securing the configuration system to identify accounts in the database. Given the sensitivity of activities on the database system, access permissions are a major concern, especially with unauthorized users. Excessive permissions can compromise database security, making it important to group users into authorized and unauthorized classes. This study uses the decision tree method to extract and investigate factors that affect excessive permissions, and validates the dataset with 10-fold cross-validation to ensure data quality. The final result identifies two classes for user access, showing that the decision tree method performs well with significant values on the AUC curve and the Confusion Matrix
Downloads
References
W. Chang and J. Wu, Fog / Edge Computing For Security , Privacy ,. 2021.
A. A. Z. T. A. F. X. Yi, SCADA Security Machine Learning Concepts for Intrusion Detection and Prevention. 2021.
C. Kanth, Y. Vengalarao, S. . Kumar, P. . Chaitanya, and S. Himaja, “A Study On Database Security Issues And Overcome Techniques,” JAC A J. Compos. Theory, vol. XIV, no. Xi, pp. 1–6, 2021.
A. I. Technology and A. Govardhan, “A FULLY DISTRIBUTED SECURE APPROACH USING NONDETERMINISTIC ENCRYPTION FOR DATABASE SECURITY IN CLOUD,” J. Theor. Appl. Inf. Technol., vol. 100, no. 7, pp. 2218–2228, 2022.
K. Jamsa, Introduction to Data Mining and Analytics-Jones & Bartlett Learning LLC (2021). 2021.
M. R. Anwar, R. Panjaitan, and R. Supriati, “Implementation Of Database Auditing By Synchronization DBMS,” Int. J. Cyber IT Serv. Manag., vol. 1, no. 2 SE-Articles, pp. 197–205, 2021,
D. Binu and B. Rajakumar, Artificial Intelligence in Data Mining. London: Oxford University, 2021.
A. J. Moreno-Guerrero, G. Gómez-García, J. López-Belmonte, and C. Rodríguez-Jiménez, “Internet addiction in the web of science database: A review of the literature with scientific mapping,” Int. J. Environ. Res. Public Health, vol. 17, no. 8, pp. 1–16, 2020, doi: 10.3390/ijerph17082753.
C. M. J. Ryngaert and N. A. N. M. Van Eijk, “International cooperation by (European) security and intelligence services: Reviewing the creation of a joint database in light of data protection guarantees,” Int. Data Priv. Law, vol. 9, no. 1, pp. 61–73, 2019, doi: 10.1093/idpl/ipz001.
B. Charbuty and A. Abdulazeez, “Classification Based on Decision Tree Algorithm for Machine Learning,” J. Appl. Sci. Technol. Trends, vol. 2, no. 01, pp. 20–28, 2021, doi: 10.38094/jastt20165.
S. Baloch and M. S. Muhammad, “An Intelligent Data Mining-Based Fault Detection and Classification Strategy for Microgrid,” IEEE Access, vol. 9, no. 1, pp. 22470–22479, 2021, doi: 10.1109/ACCESS.2021.3056534.
S. Sahoo, A. Subudhi, M. Dash, and S. Sabut, “Automatic Classification of Cardiac Arrhythmias Based on Hybrid Features and Decision Tree Algorithm,” Int. J. Autom. Comput., vol. 17, no. 4, pp. 551–561, 2020, doi: 10.1007/s11633-019-1219-2.
I. D. Mienye, Y. Sun, and Z. Wang, “Prediction performance of improved decision tree-based algorithms: A review,” Procedia Manuf., vol. 35, pp. 698–703, 2019, doi: 10.1016/j.promfg.2019.06.011.
H. Li and S. Li, Two-Echelon Location Routing Problem with Multi-fuzzy and Pick-Delivery Model and Algorithm, vol. 928. 2020.
D. Iordache, “Database – Web Interface Vulnerabilities,” Strateg. XXI - Secur. Def. Fac., vol. 17, no. 1, pp. 279–287, 2021, doi: 10.53477/2668-2001-21-35.
G. Zhou, Data Mining for Co-Location Patterns, First Edit. Boca Raton: Taylor & Francis Group, LLC, 2022.
H. Sulistiani and A. A. Aldino, “Decision Tree C4.5 Algorithm for Tuition Aid Grant Program Classification (Case Study: Department of Information System, Universitas Teknokrat Indonesia),” Edutic - Sci. J. Informatics Educ., vol. 7, no. 1, pp. 40–50, 2020, doi: 10.21107/edutic.v7i1.8849.
A. Husejinović, “Credit card fraud detection using naive Bayesian and c4.5 decision tree classifiers,” Period. Eng. Nat. Sci., vol. 8, no. 1, pp. 1–5, 2020.
A. Arabameri et al., “Novel credal decision tree-based ensemble approaches for predicting the landslide susceptibility,” Remote Sens., vol. 12, no. 20, pp. 1–27, 2020, doi: 10.3390/rs12203389.
J. Liang, Z. Qin, S. Xiao, L. Ou, and X. Lin, “Efficient and Secure Decision Tree Classification for Cloud-Assisted Online Diagnosis Services,” IEEE Trans. Dependable Secur. Comput., vol. 18, no. 4, pp. 1632–1644, 2021, doi: 10.1109/TDSC.2019.2922958.
M. K. Anam, B. N. Pikir, and M. B. Firdaus, “Penerapan Na ̈ıve Bayes Classifier, K-Nearest Neighbor (KNN) dan Decision Tree untuk Menganalisis Sentimen pada Interaksi Netizen danPemeritah,” MATRIK J. Manajemen, Tek. Inform. dan Rekayasa Komput., vol. 21, no. 1, pp. 139–150, 2021, doi: 10.30812/matrik.v21i1.1092.
N. Yuvaraj et al., “Automatic detection of cyberbullying using multi-feature based artificial intelligence with deep decision tree classification,” Comput. Electr. Eng., vol. 92, no. June 2020, p. 107186, 2021, doi: 10.1016/j.compeleceng.2021.107186.
K. Gajowniczek and T. Ząbkowski, “Interactive decision tree learning and decision rule extraction based on the imbtreeentropy and imbtreeauc packages,” Processes, vol. 9, no. 7, pp. 1–16, 2021, doi: 10.3390/pr9071107.
S. Xue, “‘Face Database Security Information Verification Based on Recognition Technology,’ IJ Netw,” Int. J. Netw. Secur., vol. 21, no. 4, p. 4, 2019, doi: 10.6633/IJNS.201907.
C. K. Wee and R. Nayak, “A novel machine learning approach for database exploitation detection
and privilege control,” J. Inf. Telecommun., vol. 3, no. 3, pp. 308–325, 2019, doi:
1080/24751839.2019.1570454
