RETISS: a real time security system for threat detection using fuzzy logic

Author

Carrettoni, F. ; Castano, S. ; Martella, G. ; Samarati, P.

Author_Institution

Dipartimento di Sci. dell´´Inf., Milano Univ., Italy

fYear

1991

fDate

1-3 Oct 1991

Firstpage

161

Lastpage

167

Abstract

A real-time security system (RETISS) for threat detection is described, pointing out security violations in the target system under control. RETISS is based on the hypothesis that a correlation exists between anomalous user behavior and threats. Security rules have been enforced to express this correlation and to detect and evaluate the probability of a given threat, based on the level of danger of the occurrences of the anomalies symptomatic for the threat. Levels of danger of all the anomalies are then fuzzy combined to express the probability of the threat. RETISS is independent of any particular system and application environment. Moreover, RETISS runs on a machine different from that of the target system in order to be protected against attacks from users of the target system

Keywords

fuzzy logic; real-time systems; security of data; RETISS; anomalous user behavior; application environment; fuzzy combined; fuzzy logic; probability; real-time security system; security violations; target system; threat detection; threats; Computer architecture; Computer security; Control systems; Data security; Expert systems; Fuzzy logic; Monitoring; Protection; Real time systems; Target tracking;

fLanguage

English

Publisher

ieee

Conference_Titel

Security Technology, 1991. Proceedings. 25th Annual 1991 IEEE International Carnahan Conference on

Conference_Location

Taipei

Print_ISBN

0-7803-0120-X

Type

conf

DOI

10.1109/CCST.1991.202210

Filename

202210