An Incident Response Decision Support System Based on CBR and Ontology
The similar incident has the similar incident response solution in the information security domain. This spurs us to explore successful past experiences and construct their formal representation so that we can store and share them. Case-based reasoning (CBR) and ontology are means to facilitate fulfilling the above task. This paper designs the incident response decision support system which is based on CBR and ontology. Having given the ontology representation of the security incident, according to the property of incident response an algorithm to get the best match case is presented. Two incident response instances are presented.
CBR incident response ontology decision support
Liu Ping Yu Haifeng Ma Guoqing
National Key Laboratory of Science and Technology on Information System Security Beijing, 100101, China
国际会议
太原
英文
337-340
2010-10-22(万方平台首次上网日期,不代表论文的发表时间)