CAJ | 학술논문

通过分析数据库安全审计机制，提出一种基于旁路监听的数据库安全审计系统框架，并实现了针对Oracle数据库的安全审计系统。涉及Java网络抓包、TNS协议解析、SQL语法解析和数据库安全检测等技术实现，提出一种发现用户正常行为规则的异常检测算法。系统实验结果表明该系统能有效对Oracle数据库进行实时安全审计，并实现了数据库操作行为的安全检测。
통과분석수거고안전심계궤제，제출일충기우방로감은적수거고안전심계계통광가，병실현료침대Oracle수거고적안전심계계통。섭급Java망락조포、TNS협의해석、SQL어법해석화수거고안전검측등기술실현，제출일충발현용호정상행위규칙적이상검측산법。계통실험결과표명해계통능유효대Oracle수거고진행실시안전심계，병실현료수거고조작행위적안전검측。
By analyzing the database security audit mechanism, a type of database security audit system framework based on bypass monitoring is proposed and a system aiming at Oracle database is completed under the framework. This paper refers to the technology realization of network packet capture based on Java, TNS protocol analysis, SQL parsing and database security detection. An anomaly detection algorithm which can discover user’s normal behavior is also proposed. The experimental result shows that this system can audit Oracle database effectively in real time and can analyze the security of database operation.