Sciweavers

ACSAC
2009
IEEE

An Empirical Approach to Modeling Uncertainty in Intrusion Analysis

Xinming Ou, Siva Raj Rajagopalan, Sakthiyuvaraja Sakthivelmurugan
HP Laboratories, HPL-2009-334
Keywords: intrusion detection; uncertainty; logic

Abstract: Uncertainty is an innate feature of intrusion analysis due to the limited views provided by system monitoring tools, intrusion detection systems (IDS), and various types of logs. Attackers are essentially invisible in cyber space and monitoring tools can only observe the symptoms or effects of malicious activities. When mingled with similar effects from normal or non-malicious activities they lead intrusion analysis to conclusions of varying confidence and high false positive/negative rates. This paper presents an empirical approach to the problem of uncertainty where the inferred security implications of low-level observations are captured in a simple logical language augmented with certainty tags. We have designed an automated reasoning process that enables us to combine multiple...
Added 18 May 2010
Updated 18 May 2010
Type Conference
Year 2009
Where ACSAC
Authors Xinming Ou, Siva Raj Rajagopalan, Sakthiyuvaraja Sakthivelmurugan