|
| A Security Analysis Framework Powered by an Expert System
|
|
Full
text: |
 PDF(500.3KB) |
|
|
Source |
International Journal of Computer Science and Security (IJCSS) |
|
Table of Contents |
|
|
Download
Complete Issue PDF(4.93MB) |
|
Volume: 4 Issue: 6 |
| |
Pages: 497-610 |
|
Publication
Date: January / February |
|
ISSN
(Online): 1985-1553 |
|
|
|
|
|
Pages |
505 - 527 |
|
Author(s) |
|
|
|
Published
Date |
08-02-2011 |
|
Publisher |
CSC
Journals, Kuala Lumpur,
Malaysia |
|
ADDITIONAL
INFORMATION |
| Keywords Abstract References Cited by Related Articles Collaborative
Colleague |
| |
|
| |
KEYWORDS: Computer Security, Security Analysis, Expert System, Security Framework, Computer Attacks |
|
|
| |
|
|
| This Manuscript is indexed in the following databases/websites:- |
|
| 1. Scribd |
| 2. refSeek |
| 3. Socol@r |
| 4. Docstoc |
| 5. Google Scholar |
| 6. WorldCat |
| 7. Directory of Open Access Journals (DOAJ) |
| 8. Bielefeld Academic Search Engine (BASE) |
| 9. ResearchGATE |
| 10. Academic Journals Database |
| 11. Libsearch |
| |
|
| |
|
|
| Today\'s IT systems are facing a major challenge in confronting the fast rate of
emerging security threats. Although many security tools are being employed
within organizations in order to standup to these threats, the information revealed
is very inferior in providing a rich understanding to the consequences of the
discovered vulnerabilities. We believe expert systems can play an important role
in capturing any security expertise from various sources in order to provide the
informative deductions we are looking for from the supplied inputs. Throughout
this research effort, we have built the Open Security Knowledge Engineered
(OpenSKE) framework (http://code.google.com/p/openske), which is a security analysis framework built around an
expert system in order to reason over the security information collected from
external sources. Our implementation has been published online in order to
facilitate and encourage online collaboration to increase the practical research
within the field of security analysis. |
| |
|
| |
|
| |
| 1 |
5. Steven J. Templeton, Karl Levitt. “A Requires/Provides Model for Computer Attacks”. ACM Press, 2000
|
|
|
| 2 |
6. Robert W. Baldwin. “Rule based Analysis of Computer Security”. MIT, 1987.
|
|
|
| 3 |
7. Daniel Farmer, Eugene H. Spafford. “The COPS Security Checker System”. Purdue, 1994.
|
|
|
| 4 |
8. Dan Zerkle, Karl Levitt. NetKuang – “A Multi-Host Configuration Vulnerability Checker”, California, 1996.
|
|
|
| 5 |
9. Ronald W. Ritchey, Paul Ammann. “Using Model Checking to Analyze Network Vulnerabilities”. IEEE Symposium on Security and Privacy, 2000.
|
|
|
| 6 |
10. R. P. Lippmann, K. W. Ingols. “An Annotated Review of Past Papers on Attack Graphs”. MIT 2005.
|
|
|
| 7 |
11. Xinming Ou. “A logic-programming approach to network security analysis”. Princeton University, 2005.
|
|
|
| 8 |
12. Sudhakar Govindavajhala. “A Formal Approach to Practical Network Security Management”. Princeton University, 2006.
|
|
|
| 9 |
13. Xinming Ou, Sudhakar Govindavajhala, Andrew W. Appel. “MulVAL: A Logic-based Network Security Analyzer”. Proceedings of the 14th USENIX Security Symposium, 2005.
|
|
|
| 10 |
14. Edward A.Feigenbaum. “Expert Systems : Principles and Practice”, The Encyclopedia of Computer Science and Engineering, 1992.
|
|
|
| 11 |
15. CL Forgy, Rete: “A fast algorithm for the many pattern/many object pattern match problem”. Artificial Intelligence, 1982.
|
|
|
| 12 |
16. Robert A. Martin. “Making Security Measurable and Manageable”, MILCOM 2008.
|
|
|
| 13 |
17. T. Tidwell, R. Larson, K. Fitch and J. Hale. “Modeling Internet Attacks”, IEEE 2001.
|
|
|
| 14 |
18. Sean Barnum, Amit Sethi. “Attack Patterns as a Knowledge Resource for Building Secure Software”, OMG Software Assurance Workshop: Cigital, 2007.
|
|
|
| |
|
| |
|
| |
| |
|
| |
|
| |
| 1 |
MENDELEY
|
| 2 |
Jboss Community
|
| 3 |
LinkedIn Labs
|
| 4 |
Academia.edu
|
| |
|
| |
|
| |
|
| Maher Mohamed Gamal : Colleagues
|
|
| Bahaa Hassan : Colleagues
|
|
| Abdel Fatah Hegazy : Colleagues
|
|
