Kane Secure Enterprise Essay, Research Paper
Depending upon how the database is set up (i.e., what platform, etc.) you
may be able to use Intrusion.com’s Kane Secure Enterprise. KSE is the old
CMDS (Computer Misuse Detection System) from SAIC all dressed up in a new
interface and with some new capabilities. KSE is a statistical profiling
host based IDS that can watch for statistical patterns of access. This means
that once it gets a baseline of “normal” access by various accounts, it
“knows” that one of those accounts is acting outside of its normal profile
and alarms. That way if your hacker is masquerading as a legitimate user
(or if he/she is actually an insider with legitimate access) the departure
from normal access actions will be noticed by the KSE. Additionally, it can
be rule-based (like any other log parsing IDS) to do detection of rule
violations.