TAILIEUCHUNG - A Knowledge-Based Approach to Network Security: Applying Cyc in the Domain of Network Risk Assessment

The last security incident of this week occurred on Friday morning. The security administrator received an alert from the intrusion detection system (IDS) in the Boston office that indicated suspicious activity originating from that office directed at the company mainframe system. The workstation IP address was available in the IDS logs. The security administrator reviewed the access logs from the mainframe and confirmed that the suspicious activity reported by the IDS needed to be reported to the Vice President of Information Security.

The Challenge

The security administrator needed to identify which user was associated with the IP address at the time of.

A Knowledge-Based Approach to Network Security: Applying Cyc in the Domain of Network Risk Assessment

Blake Shepard, Cynthia Matuszek, C. Bruce Fraser, William Wechtenhiser, David Crabbe, Zelal Gungordu, John Jantos, Todd Hughes, Larry Lefkowitz, Michael Witbrock, Doug Lenat, Erik Larson

Cycorp, Inc., 3721 Executive Center Drive, Suite 100, Austin, TX 78731

blake cynthia dcrabbe zelal jantos larry witbrock lenat @ bfraser@ william@ thughes@ elarson@

Abstract

CycSecure is a network risk assessment and network monitoring application that relies on knowledge-based artificial intelligence technologies to improve on traditional network vulnerability assessment. CycSecure integrates public reports of software faults from online databases, data gathered automatically from computers on a network, and hand-ontologized information about computers and computer networks. This information is stored in the Cyc knowledge base (KB) and reasoned about by the Cyc inference engine and planner to provide detailed analyses of the security and vulnerability of networks.

1 Introduction

In maintaining secure computer networks, system administrators face an increasingly time-consuming task. Much of the difficulty derives from the burden of information management: the amount of information required is enormous, much of it changes rapidly, and the relevant information can be difficult to identify. Existing tools are difficult to keep completely updated, and the format in which they provide information can be unwieldy.

In this paper we describe CycSecure, an emerging AI application in the domain of network security. This work endeavors to address some shortcomings of existing security software by exploiting strengths in the Cyc technology (Lenat, D. B. and Guha, R. V. 1990; Lenat, D. 1995): a large knowledge base (KB), natural language input and output modules, a well-developed inference engine, and an integrated planner. CycSecure is a combination of information gathering
