Enhancing Database Security in NoSQL Systems Using Machine Learning-Based Anomaly Detection

The proliferation of data management systems like the NoSQL databases in big data and the Internet of Things (IoT) ecosystems has brought about a radical change in data management, providing unprecedented scalability and flexibility to manage unstructured, high-velocity data. However, their schema-less distributed nature makes them vulnerable to security attacks like SQL injections, unauthorized access and data leakage in the cloud. In this paper, we make an attempt to leverage machine learning (ML) methods to enhance security of NoSQL systems (for example, which based systems such as MongoDB, Cassandra, and InfluxDB). We enhance the state-of-the-art of traffic analysis and threat detection by unifying the knowledge from 40 studies and proposing a unified combination of supervised and unsupervised ML models (e.g., Random Forest and Autoencoders) to identify and mitigate threats online. The approach is to process query logs, network traffic, and access patterns to detect with low false positives rate. Evaluated on a synthetic dataset designed to emulate real-world NoSQL threats, the framework demonstrates promising performance compared to traditional rule-based systems and existing anomaly detection methods, particularly in dynamic IoT and cloud applications. Challenges such as computational overhead, heterogeneous data, integration complexity, and model interpretability are addressed, with future directions including hybrid ML models, encryption-enhanced frameworks, lightweight algorithms for IoT devices, and explainable AI for improved trustworthiness. This study contributes to secure data processing, enhancing the protection of sensitive applications in domains like healthcare, finance, and social media.