
DBPrompt: A Database Anomaly Operation Detection and Analysis via Prompt Learning

  • Conference paper
Advanced Intelligent Computing Technology and Applications (ICIC 2024)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 14869)


Abstract

Database systems are widely used in various domains to store a significant amount of critical data. However, there has been a growing incidence of anomalous database access behaviors, causing significant impacts on database security. Despite the array of contemporary database protection methods, the existing methods have the following limitations: (1) Limited interpretability. (2) Traditional methods of anomaly root cause analysis lack automation and rely on manual identification, leading to various misjudgments. (3) The scale of the database operation logs is enormous, requiring substantial resources for training. We introduce DBPrompt, a new semi-supervised and interpretable method for detecting and analyzing database anomalies. It reduces resource usage and prevents data forgetfulness in large language models through clustering and iterative summaries. DBPrompt uses prompt learning with specialized strategies for detecting database anomalies. Our tests show that DBPrompt outperforms current methods without needing fine-tuning and effectively classifies and analyzes identified anomalies, yielding positive results.




Corresponding author

Correspondence to Wenjie Xiao.


Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.


Cite this paper

Zhong, H. et al. (2024). DBPrompt: A Database Anomaly Operation Detection and Analysis via Prompt Learning. In: Huang, DS., Chen, W., Pan, Y. (eds) Advanced Intelligent Computing Technology and Applications. ICIC 2024. Lecture Notes in Computer Science, vol 14869. Springer, Singapore. https://doi.org/10.1007/978-981-97-5603-2_29


  • DOI: https://doi.org/10.1007/978-981-97-5603-2_29


  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-97-5602-5

  • Online ISBN: 978-981-97-5603-2

  • eBook Packages: Computer Science, Computer Science (R0)
