Receive a 20% Discount on All Purchases Directly Through IGI Global's Online Bookstore.
Additionally, libraries can receive an extra 5% discount. Learn More

Special Offers
- Subscribe to the latest research through IGI Global's new InfoSci-OnDemand Plus
  InfoSci®-OnDemand Plus, a subscription-based service, provides researchers the ability to access full-text content from over 100,000 peer-reviewed book chapters and 26,000+ scholarly journal articles covering 11 core subjects. Users can select articles or chapters that meet their interests and gain access to the full content permanently in their personal online InfoSci-OnDemand Plus library.
  Subscribe
- Encyclopedia of Information Science and Technology, Fourth Edition (10 Volumes) Now 50% Off
  Take 50% off when purchasing the Encyclopedia directly through IGI Global's Online Bookstore. Plus, receive the complimentary e-books for the first, second, and third editions with the purchase of the Encyclopedia of Information Science and Technology, Fourth Edition e-book.
  Purchase
- Create a Free IGI Global Library Account to Receive a 25% Discount on All Purchases
  Exclusive benefits include one-click shopping, flexible payment options, free COUNTER 4 and MARC records, and a 25% discount on all titles as well as the award-winning InfoSci^®-Databases.
  Sign Up Now!
- InfoSci^®-Journals Annual Subscription Price for New Customers: As Low As US$ 5,100
  This collection of over 175 e-journals offers unlimited access to highly-cited, forward-thinking content in full-text PDF and XML with no DRM. There are no platform or maintenance fees and a guarantee of no more than 5% increase annually.
  Learn More
- Discounted Titles Only Available through IGI Global’s Online Bookstore
  Take 20% off all publications purchased directly through the IGI Global Online Bookstore.
  
  Shop Now
Books
Journals
InfoSci^®-Databases
Videos
OnDemand
Publish with IGI Global
Resources
- - Instructors
  - Course Adoption
  - Teaching Cases
  - Researchers
  - Browse Books
  - Browse Journals
  - Streaming Videos
  - OnDemand Downloads
  - Webinars
  - Authors and Editors
  - eEditorial Discovery^® System
  - Peer Review Process
  - Ethics and Malpractice
  - Fair Use Policy
  - Copy Editing Service
  - FAQ
  - Distributors
  - Distributor Resources
  - Book Distributors
  - Journal Subscription Agencies
  - E-Resource Partners
About Us
Newsroom

Detecting Advanced Persistent Threats in Oracle Databases: Methods and Techniques

Lynn Ray (University of Maryland – University College, USA) and Henry Felch (University of Maine – Augusta, USA)

Source Title: Strategic Information Systems and Technologies in Modern Organizations

DOI: 10.4018/978-1-5225-1680-4.ch004

OnDemand PDF Download:

$30.00

List Price: $37.50

Abstract

Advanced persistent threats (APTs) have become a big problem for computer systems. Databases are vulnerable to these threats and can give attackers access to an organizations sensitive data. Oracle databases are at greater risk due to their heavy use as back-ends to corporate applications such as enterprise resource planning software. This chapter will describe a methodology for finding APTs hiding or operating deep within an Oracle database system. Using an understanding of Oracle normal operations provides a baseline to assist in discovering APT behavior. Incorporating these and other techniques such as database activity monitoring, machine learning, neural networks and honeypots/tokens can create a database intrusion detection system capable of finding these threats.

Chapter Preview

Top

Background

Before determining how to detect APTs, one needs to understand just what is an APT. Also the means of how they operate is important to determining how to detect them.

What Are They?

APTs are sophisticated cyber-attacks to get valuable information (Casenove & Kowalczewska, 2015). They use custom malware to gain leverage within a network. They may use a wide variety of tools and techniques to gain access to the target. They can vary their tools and techniques used depending on the target. The attackers are persistent and adjust their tactics to get around any protection mechanism in their way. They perform repetitive and continuous attacks over a long time. APT attacks use long-term campaigns and stealthy techniques (Chen, Desmet, & Huyens, 2014). Attackers use zero-day and and encryption to avoid detection. The attackers also consistently change their tactics as the defensive measures change (Kim, Cho, & Yeo, 2014). This makes them difficult to detect and stop. APTs can last for months to years depending on the attacker. It was believed that the skills needed to integrate an APT attack is too sophisticated for the average hacker. However, the tools available today require only basic skills to use and can be utilized to conduct an APT attack.

Complete Chapter List

Search this Book:

Reset

MLA

APA

Chicago

Export Reference

Detecting Advanced Persistent Threats in Oracle Databases: Methods and Techniques

Abstract

Background

What Are They?

Complete Chapter List