Intelligent System for Information Security Management: Architecture and Design Issues

The limitations of each security technology, combined with the growth of cyber attacks, impact the efficiency of information security management and increase the number of activities that network administrators and security staff must perform. There is therefore a need for more automated auditing and intelligent reporting mechanisms to support cyber trust. Intelligent systems are emerging computing systems based on intelligent techniques that support continuous monitoring and control of plant activities. Intelligence improves an individual’s ability to make better decisions. This paper presents a proposed architecture for an Intelligent System for Information Security Management (ISISM). The objective of this system is to improve security management processes such as monitoring, controlling, and decision making, with an effect size higher than that of a security expert, by providing mechanisms to enhance the active construction of knowledge about threats, policies, procedures, and risks. We focus on requirements and design issues for the basic components of the intelligent system.
