Information Technology: New Generations, Third International Conference on (2010)
Las Vegas, Nevada, USA
Apr. 12, 2010 to Apr. 14, 2010
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ITNG.2010.251
This research determines the feasibility of using an Exsys Corvid based expert system to detect and respond to network threats and to administer a Linux-based iptables firewall in real time. In our implementation, we attempt to replace the human domain expert normally required to build the expert system's knowledge base with intrusion detection rules produced by data mining on network traffic. Our expert system is used in conjunction with intrusion detection classification rules provided by the See5 data-mining tool, which are in turn derived from the data fusion of normal and malicious network traffic collected from multiple network sensors.
Keywords: Corvid, Expert System, iptables, Linux, See5
Eric Flior, Tychy Anaya, Cory Moody, Mohsen Beheshti, Jianchao Han, Kazimierz Kowalski, "A Knowledge-Based System Implementation of Intrusion Detection Rules", Information Technology: New Generations, Third International Conference on, vol. 00, no. , pp. 738-742, 2010, doi:10.1109/ITNG.2010.251