Title: An Evolutionary, Agent-Based Model to Aid in Computer Intrusion Detection and Prevention
Abstract: Abstract : We have developed a realistic agent-based simulation model of hacker behavior. In the model, hacker scripts are generated using a simple but powerful hacker grammar that has the potential to cover all possible hacker scripts. The model can be used to characterize the evidence generated by any hacker script, including new scripts that appear every day, and to train inexperienced investigators and incident handlers how to deal with a compromised system and look for evidence. The model can also be used in order to design sophisticated artificial intelligence techniques to automate intrusion detection and evidence collection. Finally, we summarize an extension of this work in which an evolutionary algorithm was used to evolve scripts that achieve certain goals without being detected.
Publication Year: 2005
Publication Date: 2005-06-01
Language: en
Type: report
Indexed In: ['crossref']
Access and Citation
Cited By Count: 4
AI Researcher Chatbot
Get quick answers to your questions about the article from our AI researcher chatbot