K. Brunnstein, S. Fisher-Hübner & M. Swimmer, "Concepts of an Expert System for Virus Detection", Proceedings of the 7th IFIP International Conference and Exhibition on Information Security, Brighton, UK, May 1991.  Home/Search   Document Not in Database   Summary   Related Articles

....penetration scenarios and the latter ones are appropriate to detect unknown scenarios. The adequacy and feasibility of statistical approaches have been proven by the early Systek work [Lunt86] and the first versions of the IDES system [Lunt88a] On the other hand, virus detection systems, e.g. Brunnstein91] are based on a priori knowledge about known viruses and viruses in general. The Midas system [Whitehurst87]#and the more recent IDES versions [Lunt90]#integrate statistical knowledge about what could be considered as normal behaviour together with heuristics knowledge about what could be ....

....but specially tailored for processing large sequential files efficiently. The power of rule based languages is generally recognized: the intrusion detection system IDES [Lunt90] uses a general rule based expert system tool PBEST, the expert system for virus detection of the University of Hamburg [Brunnstein91] uses rules a la OPS 5 while the OSIRIS system [Baur88] uses Prolog rules. However in audit trail analysis, a general purpose rule based language should not necessarily allow encoding any kind of declarative knowledge or making a general reasoning about that knowledge. For such purpose, a ....

K. Brunnstein, S. Fisher-Hübner & M. Swimmer, "Concepts of an Expert System for Virus Detection", Proceedings of the 7th IFIP International Conference and Exhibition on Information Security, Brighton, UK, May 1991.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC