This paper studies the detection of intrusions and breaches of data confidentiality stored in database management systems (DBMSs) based on behavioral analysis. A major challenge in this domain lies in considering not only the syntax of the query but also the semantic relationships of the data, since syntactic and contextual approaches fail to detect all types of attacks. Based on an analysis of well-known studies, a method for detecting anomalies in user behavior is proposed based on the author’s behavior assessment metrics and the scope of the requested data. The proposed method develops a well-known work, while significantly improving the detection of certain types of behavioral deviations. An important part of this study involves identifying the features of the application of this type of analysis and its limitations.
Poltavtseva et al. (Mon,) studied this question.