This repository contains the official implementation of NeuralAuditGuard, a novel learning-based auditing framework designed to secure database systems without relying on explicit SQL parsing. NeuralAuditGuard leverages machine learning to detect anomalous database access patterns and potential security threats in real time.
Paper Link: NeuralAuditGuard: A Learning-based SQL-agnostic Auditing Framework
Authors: Liang Li, Yang Wu, Yiduo Wang, Jie Wu
- SQL-Agnostic Design: Works across different database systems (MySQL, PostgreSQL, Oracle, etc.) without requiring SQL parsing.
- Anomaly Detection: Uses advanced machine learning models to identify abnormal access patterns.
- Real-time Monitoring: Provides instant alerts for potential security breaches.
- Scalable Architecture: Designed to handle high-volume transactional data.
- Extensible Plugin System: Easily integrate with existing security infrastructure.
NeuralAuditGuard consists of four main components:
- Data Collection Module: Captures database access patterns without relying on SQL parsing.
- SQL-Agnostic Log Preprocessing: Extracts the literal value streams from the audit log.
- Feature Extraction Engine: Transforms raw access logs into machine-readable features.
- Anomaly Detection Model: Employs deep learning to identify suspicious activities.
- Alerting & Reporting System: Generates actionable insights and security alerts.
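The following added example, which is not code from this repository or the paper, illustrates the log-preprocessing and feature-extraction steps listed above. The lexical scanning rule, the three features, the sample statements and the threshold are assumptions, and a z-score over a known-good baseline stands in for the deep learning model.

```python
import re
import statistics

# Lexical scan only: single-quoted strings ('' is an escaped quote) and bare
# numbers. No SQL grammar is involved, so every dialect is handled alike.
LITERAL = re.compile(r"'((?:[^']|'')*)'|(?<![\w.])(\d+(?:\.\d+)?)(?![\w.])")

def literal_stream(statement):
    """Return the literal values of one logged statement, in order."""
    out = []
    for m in LITERAL.finditer(statement):
        if m.group(1) is not None:
            out.append(m.group(1).replace("''", "'"))
        else:
            out.append(m.group(2))
    return out

def features(statement):
    """Map a literal stream to (count, total length, non-alphanumeric ratio)."""
    lits = literal_stream(statement)
    text = "".join(lits)
    odd = sum(1 for c in text if not c.isalnum() and not c.isspace())
    return (len(lits), len(text), odd / len(text) if text else 0.0)

def fit(baseline):
    """Per-feature mean and standard deviation over known-good statements."""
    cols = list(zip(*(features(s) for s in baseline)))
    return [(statistics.mean(c), statistics.pstdev(c) or 1.0) for c in cols]

def score(model, statement):
    """Largest absolute z-score across features; higher means more unusual."""
    return max(abs(v - mu) / sd for v, (mu, sd) in zip(features(statement), model))

# Constructed sample audit-log statements (not taken from the project).
BASELINE = [
    "SELECT name FROM staff WHERE id = 17",
    "SELECT name FROM staff WHERE id = 204",
    "UPDATE staff SET city = 'Lyon' WHERE id = 31",
    "SELECT * FROM orders WHERE status = 'open' AND total > 99.50",
    "INSERT INTO notes (id, body) VALUES (5, 'It''s done')",
]
MODEL = fit(BASELINE)
THRESHOLD = 3.0  # assumed alerting cut-off, not a value from the paper

def is_anomalous(statement):
    """True when the statement's literal stream deviates from the baseline."""
    return score(MODEL, statement) > THRESHOLD
```

Statement text outside the literals never reaches the feature vector, so two statements that differ only in keywords, table names or dialect-specific quoting score the same.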
For questions or support, please open an issue on GitHub or contact lil225@chinatelecom.cn.