2006 | OriginalPaper | Buchkapitel
Automated Abduction for Computer Forensics
verfasst von : Andrei Doncescu, Katsumi Inoue
Erschienen in: Autonomic and Trusted Computing
Verlag: Springer Berlin Heidelberg
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
This paper describes a diagnostic system designed to aid an investigator to determine how a computer intrusion was accomplished. This wants to be a decision support by figuring out how a hacker created an unauthorized computer account. The diagnostic of this system is based on automated abduction. Abduction is inference that begins with data describing some state and produces an explanation of the data. Since abduction is ampliative and plausible reasoning may not be correct. The plausibility of an explication depends on how much better it is than the alternatives, how good it is independent of the alternatives, how reliable the data is. Therefore, abduction is nonmonotonic. To solve the problem of intrusion we consider the relationship between abduction, default logic and circumscription.