A Case-Based Reasoning Approach for the Cybersecurity Incident Recording and Resolution
International Journal of Software Engineering and Knowledge Engineering (IF 0.6), Pub Date: 2020-02-12, DOI: 10.1142/s021819401940014x
Raul Ceretta Nunes, Marcelo Colomé, Fabio André Barcelos, Marcelo Garbin, Gustavo Bathu Paulus, Luis Alvaro De Lima Silva

Intelligent computing techniques are of paramount importance to the treatment of cybersecurity incidents. In such an Artificial Intelligence (AI) context, while most of the algorithms explored in the cybersecurity domain aim to present solutions to intrusion detection problems, these algorithms seldom approach the correction procedures that are explored in the resolution of cybersecurity incident problems that already took place. In practice, knowledge regarding cybersecurity resolution data and procedures is being under-used in the development of intelligent cybersecurity systems, sometimes even lost and not used at all. In this context, this work proposes the Case-based Cybersecurity Incident Resolution System (CCIRS), a system that implements an approach to integrate case-based reasoning (CBR) techniques and the IODEF standard in order to retain concrete problem-solving experiences of cybersecurity incident resolution to be reused in the resolution of new incidents. Different types of experimental results so far obtained with the CCIRS show that information security knowledge can be retained with our approach in a reusable memory, improving the resolution of new cybersecurity problems.

Updated: 2020-02-12