Authors: Gulnara Yakhyaeva and Aleksey Ershov
Affiliation: Novosibirsk State University, Russian Federation
Keyword(s): Information Security, Cyber Threats, Multi-step Attack, Knowledge Base, Description Logic, Interpretation, Case-based Model, Fuzzy Model, Generalized Fuzzy Model.
Related Ontology Subjects/Areas/Topics: Advanced Applications of Fuzzy Logic; Artificial Intelligence; Artificial Intelligence and Decision Support Systems; Biomedical Engineering; Case-Based Reasoning; Data Engineering; Enterprise Information Systems; Health Information Systems; Information Systems Analysis and Specification; Knowledge Management; Ontologies and the Semantic Web; Pattern Recognition; Society, e-Business and e-Government; Symbolic Systems; Theory and Methods; Web Information Systems and Technologies
Abstract:
This work describes the module of the "RiskPanel" software system that performs risk analysis of multi-step computer attacks. The module is based on statistical analysis of actual computer attack precedents. At the user's request, the system calculates the objective probability of information security risks, taking into account all possible multi-step attacks (i.e. possible combinations of known attacks). The probability estimate is presented as an interval because a full description of real attacks is not always available.
The task is described using a model-theoretic formalism. The first step is to build a knowledge base of computer attacks. The structure of the knowledge base is formally described in Description Logic. Estimated (fuzzy) judgments are formalized in the language of Fuzzy Model Theory. The article presents algorithms for calculating probabilistic risk intervals and describes a software implementation of the developed methods.