254 Int. J. Reasoning-based Intelligent Systems, Vol. 7, Nos. 3/4, 2015 Copyright © 2015 Inderscience Enterprises Ltd. A new approach to intrusion detection in databases by using artificial neuro fuzzy inference system Anitarani Brahma* and Suvasini Panigrahi Department of Computer Science and Engineering and IT, Veer Surendra Sai University of Technology, Burla, Odisha, India Email: brahmaanita00@gmail.com Email: suvasini26@gmail.com *Corresponding author Abstract: In this modern era of internet, security of data has become a primary concern due to exposure of databases on the web. The present study approaches the problem of database intrusion detection from a pattern recognition point of view, where artificial neuro fuzzy inference system (ANFIS) is used to capture user behavioural patterns. In this paper, we have proposed a database intrusion detection system using ANFIS as a classifier that is capable of outperforming in many ways and better suits the demands and dynamic nature of the problem. The proposed approach to intrusion detection gives a better detection rate and lowers the false positive rate compared to other traditional techniques. Keywords: database security; intrusion detection; artificial neural network; ANN; fuzzy inference system; FIS; artificial neuro fuzzy inference system; ANFIS. Reference to this paper should be made as follows: Brahma, A. and Panigrahi, S. (2015) ‘A new approach to intrusion detection in databases by using artificial neuro fuzzy inference system’, Int. J. Reasoning-based Intelligent Systems, Vol. 7, Nos. 3/4, pp.254–260. Biographical notes: Anitarani Brahma is a PhD Research Scholar at the Veer Surendra Sai University of Technology, Burla, Odisha, India. She received her BTech and MTech in Information Technology from Biju Patnaik University of Technology, Odisha, India in 2009 and 2013, respectively. Her research interests include database system, applied soft computing and database security. Suvasini Panigrahi is an Associate Professor at the Veer Surendra Sai University of Technology, Burla, Odisha, India. She received her BTech and MTech in Computer Science and Engineering and Computer Science from Utkal University, India in 2002 and 2004, respectively. She received her PhD from IIT Kharagpur in 2009. She has published various research papers on database security in refereed journals and conference proceedings. Her research interests include database systems and database security. 1 Introduction The rapid usage of web-based applications has increased the risk exposure of databases. Security of data has thus become an important aspect of every information system due to increase in serious threat to confidentiality, integrity and availability of data in different information infrastructure. Damage and misuse of the valuable asset can lead to disastrous consequences on the entire organisation. The intrusion in databases can be at an insider level or at the outsider level. The outside intruders are unauthorised users from outside the organisation and may not be aware of the security infrastructure of the system, whereas an inside intruders are authorised users, within the organisation and are aware of the security measures taken for protecting data. It is very difficult to detect an inside intrusion occurring in the database and hence can have severe impact on the security of database systems. It is found that the major security challenges arise from internal intrusion as compared to the outsider intrusion (Murray, 2005). Thus, the main objective of a database intrusion detection system (DIDS) is to forbid unnecessary information exposure and modification of data while ensuring the availability of the needed services. Majority of the research on intrusion detection has been done for detecting intrusive activities at the host (host-based IDS) and network (network-based IDS) level. However, the