Title :
Plan recognition in intrusion detection systems using logic programming
Author :
Chintabathina, S. ; Villacis, J. ; Walker, J.J. ; Gomez, H.R.
Author_Institution :
Comput. Sci. Dept., Univ. of Arkansas at Pine Bluff, Pine Bluff, AR, USA
Abstract :
In this paper we focus on logic programming based approach to plan recognition in intrusion detection systems. The goal of an intruder is to attack a computer or a network system for malicious reasons and the goal of the intrusion detection system is to detect the actions of the intruder and warn the network administrator of an impending attack. We show how an intrusion detection system can recognize the plans of the intruder by modeling the domain as a logic program and then reducing the plan recognition problem to computing models of the logic program. This methodology has been used widely for several planning problems and fits very naturally for plan recognition problems. We give an example scenario and show how to model it. Our results are quite satisfactory and we believe that our approach can lead to a generalized solution to plan recognition.
Keywords :
logic programming; pattern recognition; security of data; computer attack; intruder action detection; intrusion detection system; logic programming; network administrator; network system attack; plan recognition; Computational modeling; Computer crime; Computers; Educational institutions; Intrusion detection; Logic programming; Ports (Computers); A-Prolog; Intrusion Detection; Logic Programming; Plan Recognition;
Conference_Titel :
Homeland Security (HST), 2012 IEEE Conference on Technologies for
Conference_Location :
Waltham, MA
Print_ISBN :
978-1-4673-2708-4
DOI :
10.1109/THS.2012.6459918
