Application of Case-based Methodology for Early Diagnosis of Computer Attacks
Abstract
This article considers the mathematical foundations and a software implementation of early diagnosis of computer attacks, based on the JSM method of automatic hypothesis generation and the theory of case-based models.
The software outputs hypotheses about the properties and expected consequences of a new computer attack. The system analyses the set of attack properties known to the user, using a base of cyber attack precedents described in the language of fuzzification of Boolean-valued models. Each potential property of the new attack is examined with the JSM method, which builds sets of positive and negative hypotheses concerning that property. The result is a set of properties and consequences characteristic of an attack that has not yet happened at the time of analysis.
The developed algorithm has polynomial complexity.
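The hypothesis-building step described in the abstract can be sketched as follows. This is an added example, not the authors' software: it uses crisp property sets instead of the fuzzified Boolean-valued models, takes only pairwise intersections of precedents as similarities, and the precedent base and property names are constructed for illustration.

```python
from itertools import combinations

# Constructed precedent base (assumption): each past attack is a set of properties.
PRECEDENTS = [
    {"port_scan", "phishing_mail", "credential_theft", "data_exfiltration"},
    {"phishing_mail", "credential_theft", "lateral_movement", "data_exfiltration"},
    {"port_scan", "service_exploit", "defacement"},
    {"port_scan", "service_exploit", "dos"},
    {"phishing_mail", "macro_document", "credential_theft", "data_exfiltration"},
]

def hypotheses(examples, counterexamples):
    """Similarities shared by two examples and embedded in no counterexample."""
    found = set()
    for a, b in combinations(examples, 2):
        common = frozenset(a & b)
        # Ban on counterexamples: discard a similarity seen on the opposite side.
        if common and not any(common <= c for c in counterexamples):
            found.add(common)
    return found

def diagnose(known, target, base=PRECEDENTS):
    """Verdict for `target`: '+', '-', 'contradiction' or 'unknown'."""
    pos = [p - {target} for p in base if target in p]
    neg = [p - {target} for p in base if target not in p]
    plus = any(h <= known for h in hypotheses(pos, neg))
    minus = any(h <= known for h in hypotheses(neg, pos))
    if plus and minus:
        return "contradiction"
    if plus:
        return "+"
    if minus:
        return "-"
    return "unknown"

def predict(known, base=PRECEDENTS):
    """Diagnose every property in the base that is not yet observed."""
    return {t: diagnose(known, t, base) for t in sorted(set().union(*base) - known)}

if __name__ == "__main__":
    observed = {"phishing_mail", "credential_theft"}
    for prop, verdict in predict(observed).items():
        print(f"{prop:18} {verdict}")
```

A "contradiction" verdict means the observed properties match both a positive and a negative hypothesis, so the precedent base cannot decide that property.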
Keywords
information security, computer attack, case of the computer attack, case-based model, fuzzification of the case-based model, JSM-method, JSM-reasoning
DOI: https://doi.org/10.2498/cit.1002388
This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.