
2014 | OriginalPaper | Chapter

17. An Overview of Artificial Intelligence Based Pattern Matching in a Security and Digital Forensic Context

Author: Faye Rona Mitchell

Published in: Cyberpatterns

Publisher: Springer International Publishing


Abstract

Many real-world security and digital forensics tasks involve the analysis of large amounts of data and the need to classify parts of that data into sets that are not well or even easily defined. Rule-based systems can work well and efficiently for simple scenarios where the security or forensics incident can be well specified. However, such systems do not cope as well where there is uncertainty, where the IT system under consideration is complex, or where there is significant and rapid change in the methods of attack or compromise. Artificial Intelligence (AI) is an area of computer science that has concentrated on pattern recognition, and in this extended abstract we highlight some of the main themes in AI and their appropriateness for use in a security and digital forensics context.


Footnotes
1. OWL is a web markup language for creating ontologies. The term ontology is used to mean a shared vocabulary and taxonomy that can be used to describe the concepts and relationships in a given domain. The main difference between an ontology and a knowledge representation is that an ontology is designed to be shared, whereas a knowledge representation language is not.

2. This is best illustrated in a (possibly apocryphal) story about the US military, who tried to train an ANN to recognise tanks hiding in trees. To this end they took pictures of forests with no tanks and pictures of forests with tanks, and showed them to the ANN. Unfortunately, the pictures without tanks were taken on a cloudy day and the pictures with tanks were taken on a sunny day, so the ANN learnt how to tell if it was sunny or not. Because an ANN has no explainability power, this fact was not found out until much later in the testing process.

3. An autoassociative memory is a memory system that can retrieve an entire data set based on just a small part of that data. A bidirectional associative memory is a memory system that can retrieve a related but different dataset.

4. Pre-attentive focusing is the name given to a human’s ability to see patterns in apparently random data. The disadvantage of this is that humans can spot patterns when no pattern really exists.
Metadata

Title: An Overview of Artificial Intelligence Based Pattern Matching in a Security and Digital Forensic Context
Author: Faye Rona Mitchell
Copyright Year: 2014
DOI: https://doi.org/10.1007/978-3-319-04447-7_17
