A Case-Based Reasoning Approach for the Cybersecurity Incident Recording and Resolution
Author: | Marcelo Colomé, Fabio André Barcelos, Marcelo Garbin, Gustavo B. Paulus, Raul Ceretta Nunes, Luis Alvaro de Lima Silva |
---|---|
Year of publication: | 2019 |
Subject: | 021110 strategic defence & security studies; Intelligent computing; Computer Networks and Communications; Computer science; 0211 other engineering and technologies; ComputingMilieux_LEGALASPECTSOFCOMPUTING; Context (language use); 02 engineering and technology; Information security; Resolution (logic); Computer security; computer.software_genre; Computer Graphics and Computer-Aided Design; Artificial Intelligence; 0202 electrical engineering electronic engineering information engineering; 020201 artificial intelligence & image processing; Case-based reasoning; computer; Software |
Source: | International Journal of Software Engineering and Knowledge Engineering. 29:1607-1627 |
ISSN: | 1793-6403 0218-1940 |
DOI: | 10.1142/s021819401940014x |
Description: | Intelligent computing techniques have a paramount importance to the treatment of cybersecurity incidents. In such Artificial Intelligence (AI) context, while most of the algorithms explored in the cybersecurity domain aim to present solutions to intrusion detection problems, these algorithms seldom approach the correction procedures that are explored in the resolution of cybersecurity incident problems that already took place. In practice, knowledge regarding cybersecurity resolution data and procedures is being under-used in the development of intelligent cybersecurity systems, sometimes even lost and not used at all. In this context, this work proposes the Case-based Cybersecurity Incident Resolution System (CCIRS), a system that implements an approach to integrate case-based reasoning (CBR) techniques and the IODEF standard in order to retain concrete problem-solving experiences of cybersecurity incident resolution to be reused in the resolution of new incidents. Different types of experimental results so far obtained with the CCIRS show that information security knowledge can be retained with our approach in a reusable memory improving the resolution of new cybersecurity problems. |
Database: | OpenAIRE |