Interval and Fuzzy Techniques in Business-Related Computer Security: Intrusion Detection, Privacy Protection

E-commerce plays an increasingly large role in business. As a result, business-related computer security becomes more and more important. In this talk, we describe how interval and fuzzy techniques can help in solving related computer security problems. 1 Interval Techniques in Computer Security: Motivations Importance of computer security. E-commerce plays an increasingly large role in business. As a result, business-related computer security becomes more and more important; see, e.g., [2, 16]. Why interval techniques. In computer security, interval uncertainty comes from the lack of knowledge. One of the reasons for this lack of knowledge is that the users are reluctant to provide the businesses with the exact information because they do not want this information to be misused. For example, a user may be reluctant to provide his or her exact date of birth but willing to provide an age interval (e.g., 30–40). To be successful, an electronic business needs to process the user data. It is therefore important to develop efficient algorithms for statistical processing of such interval-valued data. 2 How to Extend Statistical Techniques to Situations with Interval Uncertainty Traditional approach to data processing: statistical analysis. One of the main objectives of computer security is to predict the user’s behavior, so that we will be able to stop malicious intrusions without interfering with the legitimate use of the computer systems. To be able to make these predictions, we must find the relation between the desired difficult-to-observe characteristics of the user behavior – such as maliciousness – and the observable characteristics. Situations when we must be able to predict difficult-do-directly-observe characteristics based on easier-tomeasure ones are typical in engineering and science. For example, in engineering, we must predict the building’s stability based on the observed characteristics; in medicine, it is desirable to check whether a person has a certain disease (such as cancer) based, ideally, only on non-invasive tests such as ultrasonic and X-ray imaging. The traditional way to find this dependence is (see, e.g., [20]): – to find the make several observations of different characteristics, – to compute statistical characteristics of the corresponding measurement results, such as the population mean Ex = 1

[1]  Ramon E. Moore Methods and applications of interval analysis , 1979, SIAM studies in applied mathematics.

[2]  P. Walley Statistical Reasoning with Imprecise Probabilities , 1990 .

[3]  Philippe Nivlet,et al.  Propagating Interval Uncertainties In Supervised Pattern Recognition For Reservoir Characterization , 2001 .

[4]  Janusz Zalewski,et al.  Rough sets: Theoretical aspects of reasoning about data , 1996 .

[5]  Vladik Kreinovich,et al.  Exact Bounds on Finite Populations of Interval Data , 2005, Reliab. Comput..

[6]  Gang Xiang Fast Algorithm for Computing the Upper Endpoint of Sample Variance for Interval Data: Case of Sufficiently Accurate Measurements , 2006, Reliab. Comput..

[7]  Sushil Jajodia,et al.  Intrusion Detection in Distributed Systems: An Abstraction-Based Approach , 2003 .

[8]  L. Zadeh,et al.  Data mining, rough sets and granular computing , 2002 .

[9]  Philippe Nivlet,et al.  A new methodology to account for uncertainties in 4D seismic interpretation , 2001 .

[10]  Vladik Kreinovich,et al.  Novel Approaches to Numerical Software with Result Verification , 2004, Numerical Software with Result Verification.

[11]  S. G. Rabinovich Measurement Errors: Theory and Practice , 1994 .

[12]  Nick Cercone,et al.  Supervised Learning: A Generalized Rough Set Approach , 2000, Rough Sets and Current Trends in Computing.

[13]  Vladik Kreinovich,et al.  Computing variance for interval data is NP-hard , 2002, SIGA.

[14]  Gang Xiang,et al.  Computing Variance under Interval Uncertainty: A New Algorithm and its Potential Application to Privacy in Statistical Databases , 2006 .

[15]  Zhongmin Cai,et al.  A rough set theory based method for anomaly intrusion detection in computer network systems , 2003, Expert Syst. J. Knowl. Eng..

[16]  Vladik Kreinovich,et al.  Population Variance under Interval Uncertainty: A New Algorithm , 2006, Reliab. Comput..

[17]  G. William Walster Philosophy and practicalities of interval arithmetic , 1988 .

[18]  Vladik Kreinovich,et al.  Towards Combining Probabilistic and Interval Uncertainty in Engineering Calculations , 2004 .

[19]  Marc Dacier,et al.  Intrusion detection , 1999, Comput. Networks.

[20]  Wojciech Ziarko,et al.  Variable Precision Rough Set Model , 1993, J. Comput. Syst. Sci..