A Slow Intelligent Approach for the Improvement of Intrusion Detection and Prevention System

Computer network security is an active and fast-moving field. In the last decade many methodologies and tools have been developed for improving the security of networks and their hosts, but the resources spent on the problem often do not yield results commensurate with their cost. More recently, the adoption of Network Intrusion Prevention Systems promises an effective line of defense against a variety of attacks that could compromise the security and proper functioning of an enterprise information system. This paper introduces a Network Intrusion Prevention System based on an ontological and Slow Intelligence approach. By using an ontology, the proposed Network Intrusion Prevention System analyzes its input semantically, and it improves over time by sharing knowledge with other similar systems or with experts, in line with the Slow Intelligence approach. A first prototype of the environment has been developed and initial experimental results are reported.
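The abstract names two mechanisms without detailing them: semantic (ontology-driven) classification of input and incremental knowledge sharing between peer systems. The following Python sketch is an added illustration of both and is not code from the paper or its prototype; the attack-class hierarchy, the indicator strings, the `AttackOntology` API and the constructed HTTP request lines are all assumptions made for this example. It shows why an ontology matters for a prevention policy: a rule written against the generic class `Injection` automatically covers a subclass (and its indicators) learned later from a peer, because classification walks the is-a hierarchy rather than matching a flat signature.

```python
"""Toy ontology-driven classification of HTTP requests for an IPS.

Added example, not from the paper. The ontology content, the request
format and every name below are constructed for illustration only.
"""
from dataclasses import dataclass, field


@dataclass
class AttackOntology:
    # subclass -> superclass ("is-a" relation); root classes map to None
    parents: dict = field(default_factory=dict)
    # indicator (substring expected in a payload) -> most specific class
    indicators: dict = field(default_factory=dict)

    def add_class(self, name, parent=None):
        if parent is not None and parent not in self.parents:
            raise ValueError(f"unknown superclass {parent!r}")
        self.parents.setdefault(name, parent)

    def add_indicator(self, token, cls):
        if cls not in self.parents:
            raise ValueError(f"unknown class {cls!r}")
        self.indicators[token.lower()] = cls

    def ancestors(self, cls):
        """All classes `cls` is-a, most specific first, including itself."""
        chain = []
        while cls is not None:
            if cls in chain:  # guard against a cyclic hierarchy
                raise ValueError("cycle in ontology")
            chain.append(cls)
            cls = self.parents[cls]
        return chain

    def classify(self, payload):
        """Return the set of classes the payload is an instance of."""
        classes = set()
        lowered = payload.lower()
        for token, cls in self.indicators.items():
            if token in lowered:
                classes.update(self.ancestors(cls))
        return classes

    def learn_from(self, peer):
        """Slow-intelligence step: absorb classes and indicators a peer knows.

        Returns the number of new classes plus new indicators added.
        """
        added = 0
        # add classes shallowest-first so each superclass exists before its subclasses
        for name in sorted(peer.parents, key=lambda c: len(peer.ancestors(c))):
            if name not in self.parents:
                self.add_class(name, peer.parents[name])
                added += 1
        for token, cls in peer.indicators.items():
            if token not in self.indicators:
                self.add_indicator(token, cls)
                added += 1
        return added


def decide(ontology, payload, blocked_classes):
    """Prevention policy: block if the payload is an instance of any blocked class."""
    classes = ontology.classify(payload)
    verdict = "block" if classes & set(blocked_classes) else "allow"
    return verdict, classes


def build_base_ontology():
    # Constructed local ontology: knows SQL injection only.
    o = AttackOntology()
    o.add_class("Attack")
    o.add_class("Injection", "Attack")
    o.add_class("SQLInjection", "Injection")
    o.add_class("CommandInjection", "Injection")
    o.add_indicator("' OR 1=1", "SQLInjection")
    o.add_indicator("UNION SELECT", "SQLInjection")
    return o


def build_peer_ontology():
    # Constructed peer ontology: contributes a new subclass and an indicator for it.
    p = AttackOntology()
    p.add_class("Attack")
    p.add_class("Injection", "Attack")
    p.add_class("CommandInjection", "Injection")
    p.add_class("OSCommandInjection", "CommandInjection")
    p.add_indicator("; cat /etc/passwd", "OSCommandInjection")
    return p


# Constructed sample requests (not real traffic).
SAMPLE_REQUESTS = [
    "GET /login?user=admin' OR 1=1-- HTTP/1.1",
    "GET /ping?host=127.0.0.1; cat /etc/passwd HTTP/1.1",
    "GET /index.html HTTP/1.1",
]

if __name__ == "__main__":
    ips = build_base_ontology()
    policy = ["Injection"]  # one generic rule, written at superclass level
    for req in SAMPLE_REQUESTS:
        print("before sharing:", decide(ips, req, policy)[0], "|", req)
    ips.learn_from(build_peer_ontology())
    for req in SAMPLE_REQUESTS:
        print("after sharing: ", decide(ips, req, policy)[0], "|", req)
```

Before the knowledge-sharing step the command-injection request is allowed because the local ontology has no indicator for it; after `learn_from` it is blocked by the unchanged `Injection` rule, since `OSCommandInjection` is-a `CommandInjection` is-a `Injection`. Substring indicators are used only to keep the example short; a real system would attach the ontology to a proper parser or detector output rather than raw payload matching.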
