DocumentCode :
607971
Title :
Network Attack Analysis and the Behaviour Engine
Author :
Benham, A. ; Read, H. ; Sutherland, I.
Author_Institution :
Univ. of Glamorgan, Pontypridd, UK
fYear :
2013
fDate :
25-28 March 2013
Firstpage :
106
Lastpage :
113
Abstract :
Behaviour Engines allow the acquirement of tacit (implicit or none verbalists) knowledge by using an acquire-by-action workflow and provide a direct interaction platform between the domain expert and the evolving project code based on an intuitive justification-conclusion language, thus surpassing legacy policy engines by being a self developing and learning mechanism. This paper seeks to formulate the current state of the art in technology and processes and attempts to merge the application of ontological decision techniques of behaviour engines with network packet capture data, to detect data exfiltration attempts over covert channelling. The final goal of the research will be to develop a behaviour engine/intrusion detection solution for pre-emptive counter-measures to anomalous behaviour from within or without a network.
Keywords :
computer network security; learning (artificial intelligence); acquire-by-action workflow; anomalous behaviour; behaviour engine; covert channelling; data exfiltration attempts; evolving project code; justification-conclusion language; learning mechanism; legacy policy engines; network attack analysis; network packet capture data; preemptive counter-measures; self developing mechanism; tacit knowledge; Computer networks; Electronic mail; Engines; Intrusion detection; Malware; Protocols; Behaviour Engines; Covert Channels; Data Exfiltration; Intrusion Detection/Prevention;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Advanced Information Networking and Applications (AINA), 2013 IEEE 27th International Conference on
Conference_Location :
Barcelona
ISSN :
1550-445X
Print_ISBN :
978-1-4673-5550-6
Electronic_ISBN :
1550-445X
Type :
conf
DOI :
10.1109/AINA.2013.157
Filename :
6531744
Link To Document :
بازگشت