Abstract

The Faculty of Computer Systems and Technology at Technical University – Sofia undertook analyses and experiments on the use of Artificial Intelligence methods in the field of Information Security. In the course of the study, a classification of Cyber Defence into three phases was proposed: Operative Cyber Intelligence, Tactical Cyber Intelligence and Incident Handling. It was found that no universal Artificial Intelligence method is effective for all of the phases mentioned above and for all applications. In each case, a set of criteria should be developed to select, and then experiment with, an appropriate method (or combination of methods). A selection of methods for the first two stages of Cyber Defence was described in previous work. The present paper discusses some of the considerations related to the effective use of appropriate methods for the Incident Handling phase.

Highlights

  • The Faculty of Computer Systems and Technologies at the Technical University-Sofia has for several years conducted analyses and experiments on the implementation of Artificial Intelligence methods in the field of Information Security [22]

  • Cyber Defence can be divided into three components: immediate coverage of attacks, which we refer to as the so-called Tactical Cyber Intelligence; anticipating the actions of the possible adversary, which refers to the so-called Operational Cyber Intelligence; and removal of the consequences of the attack, which refers to the so-called Incident Handling

  • We have found that there is no universal Artificial Intelligence method that is effective for all phases mentioned above and for all applications


Summary

Introduction

The Faculty of Computer Systems and Technologies at the Technical University-Sofia has for several years conducted analyses and experiments on the implementation of Artificial Intelligence methods in the field of Information Security [22]. These studies are funded by the Bulgarian National Science Fund within the framework of the project "Increasing the level of the Network and Information Security using Artificial Intelligence methods". The previous articles [2,3,4,5,6,7,8,9,10,11,12] reporting on the work carried out under the project are devoted to the first two stages (in the above-mentioned classification) of Cyber Defence: Tactical Cyber Intelligence, where we used a Multi-Agent system of self-learning agents, and Operational Cyber Intelligence, with Echo State Neural Networks plus Reservoir Computing.

Cyber Security Incident Handling
Incident Handling Automation
Artificial Intelligence methods
Conclusion