FLUF: Fuzzy logic utility framework to support computer network defense decision making

Bibliographic Details
Published in: 2016 Annual Conference of the North American Fuzzy Information Processing Society (NAFIPS), pp. 1-6
Main Authors: Newcomb, E. Allison; Hammell, Robert
Format: Conference Proceeding
Language: English
Published: IEEE, 01.10.2016
Summary: Cyber defenders must make decisions under uncertainty using incomplete information. Information and communications networks are dynamic and complex, characteristics that contribute heavily to uncertainty. This paper presents an approach to prioritizing intrusion detection system alerts based on fuzzy logic rules developed with particular aspects of the network's mission in mind. Called the Fuzzy Logic Utility Framework, the fuzzy rule base was developed using risk assessment techniques from both offensive and defensive perspectives. The primary objective is to provide cyber defenders with decision support to improve their efficiency and ultimately increase mission assurance by placing focus on the most severe intrusion detection system alerts first.
DOI: 10.1109/NAFIPS.2016.7851582