Home > CSC-OpenAccess Library > Manuscript Information
EXPLORE PUBLICATIONS BY COUNTRIES |
EUROPE | |
MIDDLE EAST | |
ASIA | |
AFRICA | |
............................. | |
United States of America | |
United Kingdom | |
Canada | |
Australia | |
Italy | |
France | |
Brazil | |
Germany | |
Malaysia | |
Turkey | |
China | |
Taiwan | |
Japan | |
Saudi Arabia | |
Jordan | |
Egypt | |
United Arab Emirates | |
India | |
Nigeria |
A Security Analysis Framework Powered by an Expert System
Maher Mohamed Gamal, Bahaa Hassan, Abdel Fatah Hegazy
Pages - 505 - 527 | Revised - 31-01-2011 | Published - 08-02-2011
MORE INFORMATION
KEYWORDS
Computer Security, Security Analysis, Expert System, Security Framework, Computer Attacks
ABSTRACT
Today\'s IT systems are facing a major challenge in confronting the fast rate of
emerging security threats. Although many security tools are being employed
within organizations in order to standup to these threats, the information revealed
is very inferior in providing a rich understanding to the consequences of the
discovered vulnerabilities. We believe expert systems can play an important role
in capturing any security expertise from various sources in order to provide the
informative deductions we are looking for from the supplied inputs. Throughout
this research effort, we have built the Open Security Knowledge Engineered
(OpenSKE) framework (http://code.google.com/p/openske), which is a security analysis framework built around an
expert system in order to reason over the security information collected from
external sources. Our implementation has been published online in order to
facilitate and encourage online collaboration to increase the practical research
within the field of security analysis.
1 | Rani, C., & Goel, S. CSAAES: An Expert System for Cyber Security Attack Awareness. |
2 | Houngbo, P. J., & Hounsou, J. T. (2015). Measuring Information Security: Understanding And Selecting Appropriate Metrics. International Journal of Computer Science and Security (IJCSS), 9(2), 108. |
3 | Kotenko, I., & Chechulin, A. Fast Network Attack Modeling and Security Evaluation based on Attack Graphs. Journal of Cyber Security, 3(1), 27-46. |
4 | Medany, I., Shazly, M., & El-Sherbiny, M. G. (2014). Expert-Based-Computer Aided Design and Component Selection for Dust Collection Systems. International Journal of Scientific Research in Environmental Sciences, 2(1), 14. |
5 | Mehrasa, M., Zaker, S. R., Larki, B., Mehmandoust, M., Baghshahi, H., Sekhavati, M. H., & Gavanji, S. (2014). Computational Prediction and Analysis of Interaction of Silver Nitrate with Peptidoglycan-Associated lipoprotein (Pal). International Journal of Scientific Research in Environmental Sciences, 2(1), 8. |
6 | Kotenko, I., & Chechulin, A. (2013, June). A cyber attack modeling and impact assessment framework. In Cyber Conflict (CyCon), 2013 5th International Conference on (pp. 1-24). IEEE. |
7 | Kotenko, I., & Chechulin, A. (2012). Attack modeling and security evaluation in SIEM systems. International Transactions on Systems Science and Applications, 8, 129-147. |
1 | Google Scholar |
2 | Academic Journals Database |
3 | CiteSeerX |
4 | refSeek |
5 | Socol@r |
6 | ResearchGATE |
7 | Libsearch |
8 | Bielefeld Academic Search Engine (BASE) |
9 | Scribd |
10 | WorldCat |
11 | SlideShare |
12 | PdfSR |
10. R. P. Lippmann, K. W. Ingols. “An Annotated Review of Past Papers on Attack Graphs”. MIT 2005. | |
11. Xinming Ou. “A logic-programming approach to network security analysis”. Princeton University, 2005. | |
12. Sudhakar Govindavajhala. “A Formal Approach to Practical Network Security Management”. Princeton University, 2006. | |
13. Xinming Ou, Sudhakar Govindavajhala, Andrew W. Appel. “MulVAL: A Logic-based Network Security Analyzer”. Proceedings of the 14th USENIX Security Symposium, 2005. | |
14. Edward A.Feigenbaum. “Expert Systems : Principles and Practice”, The Encyclopedia of Computer Science and Engineering, 1992. | |
15. CL Forgy, Rete: “A fast algorithm for the many pattern/many object pattern match problem”. Artificial Intelligence, 1982. | |
16. Robert A. Martin. “Making Security Measurable and Manageable”, MILCOM 2008. | |
17. T. Tidwell, R. Larson, K. Fitch and J. Hale. “Modeling Internet Attacks”, IEEE 2001. | |
18. Sean Barnum, Amit Sethi. “Attack Patterns as a Knowledge Resource for Building Secure Software”, OMG Software Assurance Workshop: Cigital, 2007. | |
5. Steven J. Templeton, Karl Levitt. “A Requires/Provides Model for Computer Attacks”. ACM Press, 2000 | |
6. Robert W. Baldwin. “Rule based Analysis of Computer Security”. MIT, 1987. | |
7. Daniel Farmer, Eugene H. Spafford. “The COPS Security Checker System”. Purdue, 1994. | |
8. Dan Zerkle, Karl Levitt. NetKuang – “A Multi-Host Configuration Vulnerability Checker”, California, 1996. | |
9. Ronald W. Ritchey, Paul Ammann. “Using Model Checking to Analyze Network Vulnerabilities”. IEEE Symposium on Security and Privacy, 2000. | |
Mr. Maher Mohamed Gamal
EDC - Egypt
mahergamal@gmail.com
Dr. Bahaa Hassan
Arab Security Consultants - Egypt
Dr. Abdel Fatah Hegazy
Arab Academy of Science, Technology & Maritime Transport - Egypt
|
|
|
|
View all special issues >> | |
|
|