METHOD FOR DETECTING ANOMALIES OF SQL-SPECIFIC QUERY OF RELATIONAL DATABASES

In the context of toughening of the requirements in the field of information security (the conditions of its safety) difficult-to-implement, the increasing number of external destabilizing factors (including the high level of false alarms), the increase of scopes and speed of information changes, and the drawbacks inherent to most databases, the probability of anomalies occurrence in the process of operation (acquisition, processing and storage) of relational databases is high. The article provides detailed description of the method for the construction a formal grammar executed by a SQL query of relational databases. This approach considers formal grammar under study from a mathematical point of view, as a model that defines a set of discrete objects in the form of description of the original objects and the rules for constructing new objects from the original and already created ones. Thus, a system of rules for further work is formed, represented in the form of a system of equations. The described method makes it possible to determine mathematical properties of the similarity invariants of the SQL query of relational databases intended for the collection, storage and analysis of statistical data, such as reference data of the operation of software and hardware, various statistical data about population, .production etc. The results of the testing of the demonstration prototype of the anomaly detection system, implemented on the basis of the proposed method, obtained in the course of the experimental implementation are presented in comparison with some existing and applied security systems. The solution proposed in the article is effective, simple and universal for the majority of currently used relational databases, In addition, it has a low cost of financial expenses in case of practical implementation.