Database Anomalous Activities: Detection and Quantification
The disclosure of sensitive data to unauthorized entities is a critical issue for organizations. Timely detection of data leakage is crucial to reduce possible damages. Therefore, breaches should be detected as early as possible, e.g., when data are leaving the database. In this paper, the authors focus on data leakage detection by monitoring database activities. They present a framework that automatically learns normal user behavior, in terms of database activities, and detects anomalies as deviation from such behavior. In addition, their approach explicitly indicates the root cause of an anomaly.