Towards a Hybrid Immune Algorithm Based on Danger Theory for Database Security

In Databases, the most prevalent cause of data breaches comes from insiders who misuse their account privileges. Due to the difficulty of discovering such breaches, an adaptive, accurate, and proactive database security strategy is required. Intrusion detection systems are utilized to detect, as fast as possible, user's account privilege misuse when a prevention mechanism has failed to address such breaches. In order to address the foremost deficiencies of intrusion detection systems, artificial immune systems are used to tackle these defects. The dynamic and more complex nature of cybersecurity, as well as the high false positive rate and high false negative percentage in current intrusion detection systems, are examples of such deficiency. In this paper, we propose an adaptable efficient database intrusion detection algorithm based on a combination of the Danger Theory model and the Negative Selection algorithm from artificial immune system mechanisms. Experimental results for the implementation of the proposed algorithm provide a self-learning mechanism for achieving high detection coverage with a low false positive rate by using the signature of previously detected intrusions as detectors for the future detection process. The proposed algorithm can enhance detecting insider threats and eliminate data breaches by protecting confidentiality, ensuring integrity, and maintaining availability. To give an integrated picture, a comprehensive and informative survey for the different research directions that are related to the proposed algorithm is performed.