CID: a novel clustering-based database intrusion detection algorithm

At the same time with the increase in the data volume, attacks against the database are also rising, therefore information security and confidentiality became a critical challenge. One promised solution against malicious attacks is the intrusion detection system. In this paper, anomaly detection concept is used to propose a method for distinguishing between normal and abnormal activities. For this purpose, a new density-based clustering intrusion detection (CID) method is proposed which clusters queries based on a similarity measure and labels them as normal or intrusion. The experiments are conducted on two standard datasets including TPC-C and TPC-E. The results show proposed model outperforms state-of-the-art algorithms as baselines in terms of FN, FP, Precision, Recall and F-score measures.