Author_Institution :
North Carolina State Univ., Raleigh, NC, USA
Abstract :
Summary form only given. Network and information security is of increasing concern as intruders utilize more advanced technologies, and attacks are occurring much more frequently. A simple intrusion can cause an enterprise financial disaster, a threat to national safety, or loss of human life. Network-based and computer-based intrusion detection systems (IDS´s) started appearing some twenty years ago. Now, there are various synchronous and asynchronous tools for external and internal network and host intrusion detection and mitigation using models ranging from signature scanning and pattern matching, to statistical anomaly detection. Although modern tools are much more advanced, they still have many limitations, shortcomings, and open issues. Most tend to be focused on matching known patterns as opposed to discovery of new anomalies through, for example, inductive reasoning about potential anomaly signals. This talk discusses the issues, and the place of pro-active reasoning in the context of identification of security-related anomalies and issues.
Keywords :
inference mechanisms; pattern matching; security of data; computer-based intrusion detection system; information security; network security; pattern matching; pro-active reasoning; signature scanning; statistical anomaly detection; Artificial intelligence; Computer networks; Humans; Information security; Intrusion detection; National security; Pattern matching; Safety;
