IMPLEMENTATION OF DATABASE SECURITY BASED ON ORACLE AUDIT VAULT AND DATABASE FIREWALL

Abstract

Abstract. The paper provides recommendations for protecting databases from unauthorized intrusions, organizes the collection of statistics on the relevance and potential number of database attacks currently occurring worldwide, and offers a general overview of database attacks and countermeasures. To monitor database activity for unauthorized actions, the solution used is Oracle Audit Vault and Database Firewall, which combines built-in audit data with network SQL traffic capture. This solution prevents unauthorized database connections. It is evident that some databases may be compromised by cybercriminals through sheer luck or by exploiting employee negligence. Many companies may neglect to change default login credentials for information systems. Weak employee passwords that are easy to guess, or passwords that are not changed regularly, can also be exposed by cybercriminals. Hackers often use automated software to gain unauthorized access to an information system by brute-forcing passwords, cycling through words from a dictionary. Many users choose simple words for passwords that could potentially be included in a dictionary, making the information system vulnerable. Additionally, database access can easily be achieved using malicious software designed to exploit unprotected or outdated systems. This can also apply to unused database features, which may have their own vulnerabilities. Attackers can exploit software vulnerabilities in various ways, such as writing code for a target vulnerability hidden inside malware. Updates can improve software performance, fix existing bugs, remove outdated features that take up disk space, and enhance the overall security of the system. Updates are available for both operating systems and database management systems, and are crucial for ensuring their security and stability.