Skip to Main content Skip to Navigation
Conference papers

Case Retrieval for Network Security Emergency Response Based on Description Logic

Abstract : Network security emergency response (NSER) is an important topic in information security. Nowadays, a large number of NSER systems and tools are developed, which can effectively detect part of security incidents and provide general best-practice guidelines for handling some type of security incidents, but not give a reasonable, fast, effective processing method for every security incidents in actual environment. An intelligent method based on case-based reasoning (CBR) and description logic (DL) is proposed for NSER. Firstly, a case base for NSER is organized in such a way that domain knowledge of NSER is described by the DL ALCO(D). Secondly, based on refinement operator and refinement graph in DLs, an algorithm for measuring the similarity of ALCO(D) concepts is designed and used for retrieving cases from the case base. It is demonstrated that our method can reuse past experiences on security incidents to generate response automatically.
Document type :
Conference papers
Complete list of metadata

Cited literature [11 references]  Display  Hide  Download

https://hal.inria.fr/hal-01383343
Contributor : Hal Ifip <>
Submitted on : Tuesday, October 18, 2016 - 2:58:23 PM
Last modification on : Thursday, March 5, 2020 - 5:41:06 PM

File

978-3-662-44980-6_32_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Fei Jiang, Tianlong Gu, Liang Chang, Zhoubo Xu. Case Retrieval for Network Security Emergency Response Based on Description Logic. 8th International Conference on Intelligent Information Processing (IIP), Oct 2014, Hangzhou, China. pp.284-293, ⟨10.1007/978-3-662-44980-6_32⟩. ⟨hal-01383343⟩

Share

Metrics

Record views

153

Files downloads

246