Network based intrusion detection analyzes DB access attempts prior to
transport into the host computer system and accordingly, mitigate
resource overhead. However, host computer systems often employ local
access such as a DBA account. Monitoring access attempts via the network
monitor may not encompass such local access attempts. A data security
device which intercepts both local and remote access attempts to the
database resource monitors all database access attempts for auditing and
security analysis. The data security device receives local access
transactions via a local agent on the host. The local agent identifies
and integrates with an interprocess communication (IPC) mechanism on the
host computer system. The local agent implements an IPC interception
mechanism to direct local database access attempts to the local agent,
which then forwards the intercepted attempts to the data security device
for further analysis. The network data security device therefore observes
local access attempts via interception and transmission to the data
security device, thereby consolidating analysis and logging of the data
access attempts via the data security device.