DocumentCode :
2894583
Title :
A Knowledge-Based System Implementation of Intrusion Detection Rules
Author :
Flior, Eric ; Anaya, Tychy ; Moody, Cory ; Beheshti, Mohsen ; Han, Jianchao ; Kowalski, Kazimierz
Author_Institution :
Comput. Sci. Dept., California State Univ. Dominguez Hills, Carson, CA, USA
fYear :
2010
fDate :
12-14 April 2010
Firstpage :
738
Lastpage :
742
Abstract :
This research determines the feasibility of using an Exsys Corvid based expert system to detect and respond to network threats and appropriately administrate a Linux-based iptables firewall in real-time. In our implementation, we attempt to replace the human domain expert required for creating the expert system knowledge base with intrusion detection rules created by data-mining on network traffic. Our expert system will be used in conjunction with intrusion detection classification rules provided by the See5 data-mining tool, which have, in turn, been created based on the data fusion of normal and malicious network traffic from multiple network sensors.
Keywords :
Linux; data mining; expert systems; security of data; sensor fusion; telecommunication traffic; Exsys Corvid based expert system; Linux-based iptables firewall; See5 data-mining tool; data fusion; intrusion detection rules; knowledge-based system implementation; multiple network sensors; network traffic; Databases; Expert systems; Humans; Information analysis; Information technology; Intrusion detection; Knowledge based systems; Real time systems; Sensor systems; Telecommunication traffic; Corvid; Expert System; Linux; See5; iptables;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Information Technology: New Generations (ITNG), 2010 Seventh International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-4244-6270-4
Type :
conf
DOI :
10.1109/ITNG.2010.251
Filename :
5501643