Evolutionary reinforcement learning for adaptively detecting database intrusions

Seul Gi Choi; Sung Bae Cho

doi:10.1093/JIGPAL/JZZ053

Evolutionary reinforcement learning for adaptively detecting database intrusions

Seul Gi Choi, Sung Bae Cho

College of Computing

Research output: Contribution to journal › Article › peer-review

3 Citations (Scopus)

Abstract

Relational database management system (RDBMS) is the most popular database system. It is important to maintain data security from information leakage and data corruption. RDBMS can be attacked by an outsider or an insider. It is difficult to detect an insider attack because its patterns are constantly changing and evolving. In this paper, we propose an adaptive database intrusion detection system that can be resistant to potential insider misuse using evolutionary reinforcement learning, which combines reinforcement learning and evolutionary learning. The model consists of two neural networks, an evaluation network and an action network. The action network detects the intrusion, and the evaluation network provides feedback to the detection of the action network. Evolutionary learning is effective for dynamic patterns and atypical patterns, and reinforcement learning enables online learning. Experimental results show that the performance for detecting abnormal queries improves as the proposed model learns the intrusion adaptively using Transaction Processing performance Council-E scenario-based virtual query data. The proposed method achieves the highest performance at 94.86%, and we demonstrate the usefulness of the proposed method by performing 5-fold cross-validation.

Original language	English
Pages (from-to)	449-460
Number of pages	12
Journal	Logic Journal of the IGPL
Volume	28
Issue number	4
DOIs	https://doi.org/10.1093/JIGPAL/JZZ053
Publication status	Published - 2020

Bibliographical note

Funding Information:
This work was partly supported by Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korean government (MSIT) (No. 2020-0-01361, Artificial Intelligence Graduate School Program (Yonsei University)) and Defense Acquisition Program Administration and Agency for Defense Development under the contract (UD190016ED).

Publisher Copyright:
© The Author(s) 2019. Published by Oxford University Press. All rights reserved.

All Science Journal Classification (ASJC) codes

Logic

Access to Document

10.1093/JIGPAL/JZZ053

Cite this

@article{5565729edb84479f834a4d2250350113,

title = "Evolutionary reinforcement learning for adaptively detecting database intrusions",

abstract = "Relational database management system (RDBMS) is the most popular database system. It is important to maintain data security from information leakage and data corruption. RDBMS can be attacked by an outsider or an insider. It is difficult to detect an insider attack because its patterns are constantly changing and evolving. In this paper, we propose an adaptive database intrusion detection system that can be resistant to potential insider misuse using evolutionary reinforcement learning, which combines reinforcement learning and evolutionary learning. The model consists of two neural networks, an evaluation network and an action network. The action network detects the intrusion, and the evaluation network provides feedback to the detection of the action network. Evolutionary learning is effective for dynamic patterns and atypical patterns, and reinforcement learning enables online learning. Experimental results show that the performance for detecting abnormal queries improves as the proposed model learns the intrusion adaptively using Transaction Processing performance Council-E scenario-based virtual query data. The proposed method achieves the highest performance at 94.86%, and we demonstrate the usefulness of the proposed method by performing 5-fold cross-validation.",

author = "Choi, {Seul Gi} and Cho, {Sung Bae}",

note = "Funding Information: This work was partly supported by Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korean government (MSIT) (No. 2020-0-01361, Artificial Intelligence Graduate School Program (Yonsei University)) and Defense Acquisition Program Administration and Agency for Defense Development under the contract (UD190016ED). Publisher Copyright: {\textcopyright} The Author(s) 2019. Published by Oxford University Press. All rights reserved.",

year = "2020",

doi = "10.1093/JIGPAL/JZZ053",

language = "English",

volume = "28",

pages = "449--460",

journal = "Logic Journal of the IGPL",

issn = "1367-0751",

publisher = "Oxford University Press",

number = "4",

}

TY - JOUR

T1 - Evolutionary reinforcement learning for adaptively detecting database intrusions

AU - Choi, Seul Gi

AU - Cho, Sung Bae

N1 - Funding Information: This work was partly supported by Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korean government (MSIT) (No. 2020-0-01361, Artificial Intelligence Graduate School Program (Yonsei University)) and Defense Acquisition Program Administration and Agency for Defense Development under the contract (UD190016ED). Publisher Copyright: © The Author(s) 2019. Published by Oxford University Press. All rights reserved.

PY - 2020

Y1 - 2020

N2 - Relational database management system (RDBMS) is the most popular database system. It is important to maintain data security from information leakage and data corruption. RDBMS can be attacked by an outsider or an insider. It is difficult to detect an insider attack because its patterns are constantly changing and evolving. In this paper, we propose an adaptive database intrusion detection system that can be resistant to potential insider misuse using evolutionary reinforcement learning, which combines reinforcement learning and evolutionary learning. The model consists of two neural networks, an evaluation network and an action network. The action network detects the intrusion, and the evaluation network provides feedback to the detection of the action network. Evolutionary learning is effective for dynamic patterns and atypical patterns, and reinforcement learning enables online learning. Experimental results show that the performance for detecting abnormal queries improves as the proposed model learns the intrusion adaptively using Transaction Processing performance Council-E scenario-based virtual query data. The proposed method achieves the highest performance at 94.86%, and we demonstrate the usefulness of the proposed method by performing 5-fold cross-validation.

AB - Relational database management system (RDBMS) is the most popular database system. It is important to maintain data security from information leakage and data corruption. RDBMS can be attacked by an outsider or an insider. It is difficult to detect an insider attack because its patterns are constantly changing and evolving. In this paper, we propose an adaptive database intrusion detection system that can be resistant to potential insider misuse using evolutionary reinforcement learning, which combines reinforcement learning and evolutionary learning. The model consists of two neural networks, an evaluation network and an action network. The action network detects the intrusion, and the evaluation network provides feedback to the detection of the action network. Evolutionary learning is effective for dynamic patterns and atypical patterns, and reinforcement learning enables online learning. Experimental results show that the performance for detecting abnormal queries improves as the proposed model learns the intrusion adaptively using Transaction Processing performance Council-E scenario-based virtual query data. The proposed method achieves the highest performance at 94.86%, and we demonstrate the usefulness of the proposed method by performing 5-fold cross-validation.

UR - http://www.scopus.com/inward/record.url?scp=85094178131&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85094178131&partnerID=8YFLogxK

U2 - 10.1093/JIGPAL/JZZ053

DO - 10.1093/JIGPAL/JZZ053

M3 - Article

AN - SCOPUS:85094178131

SN - 1367-0751

VL - 28

SP - 449

EP - 460

JO - Logic Journal of the IGPL

JF - Logic Journal of the IGPL

IS - 4

ER -

Evolutionary reinforcement learning for adaptively detecting database intrusions

Abstract

Bibliographical note

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this