Authors: O. Ray, Steve Moyle
Published in: 2021 13th International Conference on Knowledge and Systems Engineering (KSE)
Publication date: 2021-11-10
DOI: https://doi.org/10.1109/KSE53942.2021.9648769
Towards expert-guided elucidation of cyber attacks through interactive inductive logic programming
This paper proposes a logic-based machine learning approach called Acuity which is designed to facilitate user-guided elucidation of novel phenomena from evidence sparsely distributed across large volumes of linked relational data. The work builds on systems from the field of Inductive Logic Programming (ILP) by introducing a suite of new techniques for interacting with domain experts and data sources in a way that allows complex logical reasoning to be strategically exploited on large real-world databases through intuitive hypothesis-shaping and data-caching functionality. We propose two methods for rebutting or shaping candidate hypotheses and two methods for querying or importing relevant data from multiple sources. The benefits of Acuity are illustrated in a proof-of-principle case study involving a retrospective analysis of the CryptoWall ransomware attack using data from a cyber security testbed comprising a small business network and an infected laptop.