DBMS Application Layer Intrusion Detection for Data Warehouses
Data Warehouses (DWs) are used for producing business knowledge and aiding decision support. Since they store the secrets of the business, securing their data is critical. To accomplish this, several Database Intrusion Detection Systems (DIDS) have been proposed. However, when using DIDS in DWs, most solutions either produce too many false positives (i.e. false alarms) that must be verified or too many false negatives (i.e. true intrusions that pass undetected). Moreover, many approaches detect intrusions a posteriori which, given the sensitivity of DW data, may result in irreparable cost. This paper examines intrusion detection from a data warehousing perspective and the reasons why traditional database security methods are not sufficient to avoid intrusions.