ReasONets: a fuzzy-based approach for reasoning on network incidents
Authors: 
Giuseppe Petracca, Anna Cinzia Squicciarini, William Horne, Marco Casassa-MontAuthors Info & Claims
Giuseppe Petracca, Anna Cinzia Squicciarini, William Horne, Marco Casassa-MontAuthors Info & ClaimsPages 1010 - 1012
Abstract
We provide an approach for real-time analysis of ongoing events in a controlled network. We propose ReasONets, i.e. Reasoning on Networks, a distributed and lightweight system, able to process and reason about anomalies and incidents observed in closed net- works. To the best of our knowledge this is the first system combining detections and classification of network events with real-time reasoning. Our demo will show a running prototype of the ReasONets, demonstrating the power and accuracy of the reasoning process in presence of incidents of various nature.
References
[1]
J. M. Estévez-Tapiador, P. Garcia-Teodoro, and J. E. Díaz-Verdejo. Measuring normality in http traffic for anomaly-based intrusion detection. Computer Networks, 45(2):175--193, 2004.
[2]
R. Guha, O. Kachirski, D. Schwartz, S. Stoecklin, and Y. Yilmaz. Case-based agents for packet-level intrusion detection in ad hoc networks. In Proceedings of the 17th International Symposium on Computer and Information Sciences, pages 315 -- 320. CRC Press, October 2002.
[3]
D. B. Leake. Case-based reasoning. The Knowledge Engineering Review, 9(01):61--64, 1994.
[4]
R. Perdisci, W. Lee, and N. Feamster. Behavioral clustering of http-based malware and signature generation using malicious network traces. In NSDI, pages 391--404, 2010.
[5]
T. J. Ross. Fuzzy Logic, pages i--xxi. John Wiley & Sons, Ltd, 2010.
[6]
M. West-Brown, D. Stikvoort, K.-P. Kossakowski, G. Killcrece, R. Ruefle, and M. Zajicek. Handbook for computer security incident response teams (csirts). Technical Report Carnegie Mellon University/SEI-2003-HB-002, 2003.
Index Terms
- ReasONets: a fuzzy-based approach for reasoning on network incidents
Recommendations
Situational awareness through reasoning on network incidents
CODASPY '14: Proceedings of the 4th ACM conference on Data and application security and privacyCorporations worldwide work with teams of often dedicated system administrators to maintain, detect and prevent network infringements. This is a highly user-driven process that consumes hundreds (if not thousands) of man hours yearly. User reporting, ...
Extended constraint handling for CP-networks
Intelligent information processing IICP-networks are an elegant and compact qualitative framework for express preference, in which we can represent and reason about preference rankings given conditional preference statements. However, represent constraints in such framework is one ...
Comments
Information & Contributors
Information
Published In
October 2012
1088 pages
ISBN:9781450316514
DOI:10.1145/2382196
- General Chair:
- Ting Yu,
- Program Chairs:
- George Danezis,
- Virgil Gligor
Copyright © 2012 Authors.
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 16 October 2012
Check for updates
Author Tags
Qualifiers
- Demonstration
Conference
CCS'12
Sponsor:
CCS'12: the ACM Conference on Computer and Communications Security
October 16 - 18, 2012
North Carolina, Raleigh, USA
Acceptance Rates
Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
Upcoming Conference
CCS '25
- Sponsor:
- sigsac
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 255Total Downloads
- Downloads (Last 12 months)6
- Downloads (Last 6 weeks)2
Reflects downloads up to 25 Feb 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in