Database Audit Log

Abstract—Information security policy demands auditing of high-performance databases to ensure data integrity. Database audit logs contain information about database operations that helps to verify accuracy and lawfulness and to report risks. In financial systems, audit logs should be monitored continuously in order to detect and act on any reasonably abnormal behavior. Outlier detection is an important concept in data mining that is useful in data analysis. Nowadays, a direct mapping can be found between data outliers and real-world anomalies, and hence outlier detection techniques can be applied to detect abnormal activities in financial transactions. The purpose of the…
PROPOSED SYSTEM
The proposed system for outlier detection in financial transaction audit logs has two modules:
1) Rule-based outlier detection
2) Profile-based outlier detection
The one-time activities in developing this framework include generating a synthetic dataset and enabling audit logs on database tables.
A. Rule-based outlier detection
This approach considers a set of rules that define outlier behavior. Transaction records are categorized according to whether or not their behavior matches the rules. Bayesian classification is then used to determine the level of suspicion and the priority for taking action.
The rules considered for outlier detection are listed in TABLE I.
B. Profile-based outlier detection
This approach builds a user model from the user's transaction history and then compares the user's transactions against the respective profile. If any deviation is detected, the transaction is flagged as an outlier.
TABLE I. RULES FOR OUTLIER DETECTION
Rule No. | Category | Description
1 | Account activity | Sudden transactions in a dormant account, i.e., previously inactive
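As an added example (not the paper's own code), the following Python applies Rule 1 from TABLE I and the profile comparison from section B to constructed audit-log rows. The 180-day dormancy threshold, the z-score test on transaction amounts, and all function and constant names are assumptions; the Bayesian suspicion scoring is not shown.

```python
from datetime import datetime, timedelta
from statistics import mean, stdev

DORMANT_DAYS = 180   # assumed dormancy threshold (not given on the page)
Z_LIMIT = 3.0        # assumed deviation limit for the profile check
MIN_HISTORY = 5      # require some history before trusting a profile

def sample_log():
    """Constructed audit-log rows: (account, timestamp, amount)."""
    base = datetime(2024, 1, 1)
    rows = [("A", base + timedelta(days=d), amt)
            for d, amt in enumerate([100, 120, 90, 110, 105, 95])]
    rows.append(("A", base + timedelta(days=7), 5000))   # far above A's profile
    rows.append(("B", base, 200))
    rows.append(("B", base + timedelta(days=400), 210))  # B inactive for 400 days
    return rows

def detect_outliers(rows):
    """Return (account, timestamp, amount, reasons) for each flagged row."""
    history = {}    # account -> amounts of earlier, unflagged transactions
    last_seen = {}  # account -> timestamp of the previous transaction
    flagged = []
    for account, ts, amount in sorted(rows, key=lambda r: r[1]):
        reasons = []
        prev = last_seen.get(account)
        # Rule 1: sudden transaction in a previously inactive account
        if prev is not None and (ts - prev).days >= DORMANT_DAYS:
            reasons.append("rule1:dormant_account")
        # Profile check: compare the amount with the account's own history
        past = history.setdefault(account, [])
        if len(past) >= MIN_HISTORY:
            mu, sigma = mean(past), stdev(past)
            # sigma == 0 means every past amount was identical
            if (sigma == 0 and amount != mu) or \
               (sigma > 0 and abs(amount - mu) / sigma > Z_LIMIT):
                reasons.append("profile:amount_deviation")
        if reasons:
            flagged.append((account, ts, amount, reasons))
        else:
            past.append(amount)  # only unflagged rows update the profile
        last_seen[account] = ts
    return flagged

if __name__ == "__main__":
    for row in detect_outliers(sample_log()):
        print(row)
```

Flagged rows are kept out of the profile so that a single anomalous amount does not widen the baseline used to judge later transactions.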
…
d) Generate an outlier transaction report with detailed information about the deviation from behavior.
VI. CONCLUSION
We have modeled a system for financial systems to monitor and detect suspicious transactions using an outlier detection approach on audit logs. We can state that the audit log is one of the important resources for suspicious transaction detection, and our system provides efficient methods for analyzing audit logs. Our system reduces the need for skilled staff, as it does not require staff with thorough knowledge of the rules, and it also reduces the time required for detection and reporting by efficiently managing the whole process automatically.