Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

seminar Report-BE-EEE-8th sem-Artificial intelligence in security managenent

503 visualizaciones

Publicado el

Seminar on “An Overview on Use of Artificial Intelligence Techniques in Effective Security Management System”

Publicado en: Ingeniería
  • Sé el primero en comentar

seminar Report-BE-EEE-8th sem-Artificial intelligence in security managenent

  1. 1. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 1 Chapter-1 INTRODUCTION The artificial intelligence is the process in which machine can act like a human. This robust feature allows working in various fields easily. Some of primary application areas where the AI can massively used is Military, Antiterrorism, Automobile Industry, Internet Search Engines and Robotics etc. The working nature of Artificial Intelligence is similar to the human brain so that Artificial Intelligence has wide scope in research nowadays. AI research is highly technical and specialized, and is deeply divided into subfields that often fail to communicate with each other. Some of the division is due to social and cultural factors: subfields have grown up around particular institutions and the work of individual researchers. AI research is also divided by several technical issues. Some subfields focus on the solution of specific problems. Others focus on one of several possible approaches or on the use of a particular tool or towards the accomplishment of particular applications. The central problems (or goals) of AI research include reasoning, knowledge, planning, learning, natural language processing (communication),perception and the ability to move and manipulate objects. General intelligence is still among the field's long-term goals. Currently popular approaches include statistical methods, computational intelligence and traditional symbolic AI. There are a large number of tools used in AI, including versions of search and mathematical optimization, logic, methods based on probability and economics, and many others. The AI field is interdisciplinary, in which a number of sciences and professions converge, including computer science, mathematics, psychology, linguistics, philosophy and neuroscience, as well as other specialized fields such as artificial psychology. The field was founded on the claim that a central property of humans, human intelligence—the sapience of Homo sapiens sapiens—"can be so precisely described that a
  2. 2. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 2 machine can be made to simulate it." This raises philosophical arguments about the nature of the mind and the ethics of creating artificial beings endowed with human-like intelligence, issues which have been explored by myth, fiction and philosophy since antiquity. Artificial intelligence has been the subject of tremendous optimism but has also suffered stunning setbacks. Today it has become an essential part of the technology industry, providing the heavy lifting for many of the most challenging problems in computer science. The popular areas of artificial intelligence are Robotics, Speech Recognition, natural Language Processing, Expert system, pattern recognition, Fuzzy system etc., are useful for the development of new applications which are very much useful for human beings. The artificial intelligence seems to play key role in security if integration of some AI technique done with the security system definitively enhances the security infrastructure of any organization or country. This report reviews these techniques in accordance to give effective security system base on Artificial Intelligence.
  3. 3. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 3 Chapter-2 HISTORY The idea of inanimate objects coming to life as intelligent beings has been around for a long time. The ancient Greeks had myths about robots, and Chinese and Egyptian engineers built automatons. The beginnings of modern AI can be traced to classical philosophers' attempts to describe human thinking as a symbolic system. But the field of AI wasn't formally founded until 1956, at a conference at Dartmouth College, in Hanover, New Hampshire, where the term "artificial intelligence" was coined. MIT cognitive scientist Marvin Minsky and others who attended the conference were extremely optimistic about AI's future. "Within a generation [...] the problem of creating 'artificial intelligence' will substantially be solved," Minsky is quoted as saying in the book "AI: The Tumultuous Search for Artificial Intelligence" (Basic Books, 1994). [Super-Intelligent Machines: 7 Robotic Futures] But achieving an artificially intelligent being wasn't so simple. After several reports criticizing progress in AI, government funding and interest in the field dropped off – a period from 1974–80 that became known as the "AI winter." The field later revived in the 1980s when the British government started funding it again in part to compete with efforts by the Japanese. The field experienced another major winter from 1987 to 1993, coinciding with the collapse of the market for some of the early general-purpose computers, and reduced government funding. But research began to pick up again after that, and in 1997, IBM's Deep Blue became the first computer to beat a chess champion when it defeated Russian grandmaster Garry Kasparov. And in 2011, the computer giant's question-answering system Watson won the quiz show "Jeopardy!" by beating reigning champions Brad Rutter and Ken Jennings. This year, the talking computer "chatbot" Eugene Goostman captured headlines for tricking judges into thinking he was real skin-and-blood human during a Turing test, a competition
  4. 4. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 4 developed by British mathematician and computer scientist Alan Turing in 1950 as a way to assess whether a machine is intelligent. But the accomplishment has been controversial, with artificial intelligence experts saying that only a third of the judges were fooled, and pointing out that the bot was able to dodge some questions by claiming it was an adolescent who spoke English as a second language. Manyexperts now believe the Turing test isn't a good measure of artificial intelligence. "The vast majority of people in AI who've thought about the matter, for the most part, think it’s a very poor test, because it only looks at external behavior," Perlis told Live Science. In fact, some scientists now plan to develop an updated version of the test. But the field of AI has become much broader than just the pursuit of true, humanlike intelligence.
  5. 5. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 5 Chapter-3 WORKS RELATED TO ARTIFICIAL INTELLIGENCE The Artificial Intelligence is new and emerging field in computer world. Many author presented their views on AI techniques in security management. The author [14] present the intelligent techniques are applicable for network protocol security, monitoring, measurement, and accurate prediction. The social networking issues are quite serious issue hence the author [15] presents the Artificial Intelligence techniques can help to outline basic categories of privacy concerns, including solutions to them. This paper [16] proposes a dynamic model Intelligent Intrusion Detection System, based on specific AI approach for intrusion detection. The techniques that are being investigated includes neural networks and fuzzy logic with network profiling, that uses simple data mining techniques to process the network data. The author [17] present situation of rapidly growing intelligence of malware and sophistication of cyber attacks, it is unavoidable to develop intelligent cyber defense methods. The DDoS mitigation has shown that even a defense against large-scale attacks can be successful with rather limited resources when intelligent methods are used. Many author presented their views on AI techniques for security purposes.
  6. 6. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 6 Chapter-4 ARTIFICIAL INTELLIGENCE & SECURITY 1. Artificial Intelligence Use of artificial intelligence is new technology science to research and development expansion of human intelligence. Artificial intelligence is branch of Computer Science working similar to human brain. It gives rise to human intelligence through the machine perspective. The research in Artificial intelligence started in 1956. The University of Dartmouth firstly used the Artificial Intelligence term officially. The most of research in Artificial Intelligence is related to the logical reasoning where research began from the problem solving, reasoning, learning, and expert systems, gaming etc. The mass quantity of research yet to be carried out in this field as it has wide scope. The AI has ability to solve the differential equations, playing chess, integrated circuit design analysis, speech recognition, handwriting recognition, expert system for disease diagnosis, control of aircraft submarine without operator, Bot players introduced in computer games etc. The evolution of AI takes in the generation from 1950 to till date. Today it supposed that the robotics machine can do the human task with special capability like a human. This new era can also helpful in providing AI with security integration gives machine automated security which is focused in this report. 2. Security As security is important issue for any Human, Company Environment, Organization, Community and Country in accordance to maintain growth and stability. Security threat gives rise to several problems such as instability, economical setbacks, terror attacks causes loss of human lives, creates Un-safety feelings.
  7. 7. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 7 As a human being, the security is challenging task because human has several restriction on analyzing and processing several information at a time. This is big drawback is identified in current security system. This drawback can overcome on more practical manner with the help of artificial intelligence techniques integration. The security system includes Homeland security, Intrusion detection system, DOS attack, Cryptography, Video vigilance System etc. Human Processing ability integrated with AI certainly raise the security at high extend. The following diagram shows the formal security system and the security based on Artificial intelligence techniques: Formal Security System Security System based on Artificial Intelligence
  8. 8. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 8 Chapter-5 DIFFERENT AI TECHNIQUES USED IN SECURITY MANAGEMENT SYSTEM As stated earlier the security can be increased at greater extends with the help different AI techniques. The application of some of AI techniques in security field explained below  Artificial Neural Networks.  Data Mining Tools.  Pattern Recognition.  Image Processing/Analysis.  Fuzzy Logic.  Expert System. 5.1Artificial Neural Network The fundamental processing element of a neural network is a neuron. This building block of human awareness encompasses a few general capabilities. Basically, a biological neuron receives inputs from other sources, combines them in some way, performs a generally nonlinear operation on the result, and then outputs the final result. Figure 2.2.1 shows the relationship of these four parts.
  9. 9. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 9 The author [1] presents Artificial Neural Networks is an effective technique which has the ability to implement security using back-propagation algorithm. Simple combinational logic and sequential machine can be well implemented using back-propagation algorithm. Artificial Neural Network can be used as a new method of encryption and decryption of data. The security threads in networks are one of the main key concerns related with the Computer security nowadays. Many Security Agencies are interested in the proper solution for thread, intrusion detection. The many authors provide the solution towards the ANN approach for the Intrusion detection in computer network. Currently [2] rule based method is used in identifying attacks. Output of the neural network in the form of probability helpful in provide predictive capability to find out the misuse. The disadvantage is training, for training the thousands of individual attack sequence is required since this quantity of sensitive information difficult to obtain [3]. The Back propagation algorithm, Echo state Neural Networks and Radial Basis function along with Fisher’s linear discriminate function have been proposed for intrusion detection [4]. The following table gives the comparison of Computing approaches:
  10. 10. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 10 5.2Data Mining Tools The automatic extraction of useful, often previously unknown information from large databases or data sets is known as data mining. This key feature of data mining made data mining as key tools towards the security management. There are several data mining tools such as Clustering, Classification, Association Rule, and Decision tree, Linear Regression, naive bayes classifier etc.The data mining tools are important because it helps to find out exact information from vast amount of data. This feature laid the data mining to find forensic evidences from collected suspicious data from crime spot. This makes task easier for security agencies for finding the criminal. The author described project related to the finding internet crimes. The report gives data mining technique for fraud with fake auction goods, phishing which provide preventive security [5].The internet system gives rise to several malicious activities including the spreading of viruses, network intrusion etc. This paper [6] presents malicious code detection by mining binary executable, network intrusion detection by mining network traffic, anomaly detection, data stream mining. The data mining approach also useful in ‘bot’ detection. Among the different data mining algorithms, probabilistic graphical models (in particular Bayesian networks) is a sound and powerful methodology grounded on probability and statistics, which allows building tractable joint probabilistic models that represents the relevant dependencies among a set of variables (hundreds of variables in real-life applications). The resulting models allow for efficient probabilistic inference. For example, a Bayesian network could represent the probabilistic relationships between large-scale synoptic fields and local observation records, providing a new methodology for probabilistic downscaling: i.e. allowing compute P (observation large-scale prediction). For instance, the red dots in the figure above correspond to the grid nodes of a GCM, whereas the blue dots
  11. 11. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 11 correspond to a network of stations with historical records (the links show the relevant dependencies, automatically discovered from data). 5.3Pattern and Image Recognition-PersonRecognition The Cryptography and Artificial Intelligence gives rise to the CAPTCHA.As it includes the cryptography it has wide scope for the algorithmic development with AI [7]. The pattern recognition mainly concerns with the biometric system. A building safety management system based on image processing technology, which includes the license plate recognition, face recognition, and Radio Frequency Identification (RFID) systems are investigated in this paper. The system integrates three functional capabilities, which can effectively control access to user identity and to control management building security. The image technology is used to do license plate and face recognition. In order to recognize the license plate and face the colour space conversion, segmentation, and image processing technology is applied. Finally, the integration of RFID image processing is applied to automatic security management system. Only the identified users can pass through the gate of building to make sure the security. The Paper introduces the pattern recognition approach for the person identification using fingerprint [8].The pattern recognition approach towards security gives identification of person on the basis of face, voice, fingerprint .The paper [9] Present the MNN Modular neural network for the integration of the speech, fingerprint and face. Pattern recognition approach gives way towards the biometric attendance system, it also useful in person identification where sensitive work carried out i.e. nuclear power plant ,military’s etc where security is prime and foremost preference. The formal approach of pattern recognition is useful in security era very massively. Pattern recognition is the research area that studies the operation and design of systems that recognize patterns in data important application areas are image analysis, character recognition, speech analysis, man and machine diagnostics, person identification and industrial inspection.
  12. 12. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 12 Today, a variety of methods and techniques are available to determine unique identity, the most common being fingerprint, voice, face, and iris recognition. Of these, fingerprint and iris offer a very high level of certainty as to a person's identity, while the others are less exact. A large number of other techniques are currently being examined for suitability as identity determinants. These include (but are not limited to) retina, gait (walking style), typing style, body odour, signature, hand geometry, and DNA. Some wildly esoteric methods are also under development, such as ear structure, thermal imaging of the face and other parts of the body, subcutaneous vein patterns, blood chemistry, anti-body signatures, and heart rhythm, to name a few. The four primary methods of biometric authentication in widespread use today are face, voice, fingerprint, and iris recognition. All of these are supported in our approach, some more abundantly than others. Generally, face and voice are considered to be a lower level of security than fingerprint and iris, but on the other hand, they have a lower cost of entry. We describe briefly in this section some of these biometric methods. Our proposed approach for human recognition consists in integrating the information of the three main biometric parts of the person: the voice, the face, and the fingerprint. Basically, we have an independent system for recognizing a person from each of its biometric information (voice, face, and fingerprint), and at the end we have an integration unit to make a final decision based on the results from each of the modules. In Figure 1 we show the general architecture of our approach in which it is clearly seen that we have one module for voice, one module for face recognition, and one module for fingerprint recognition. At the top, we have the decision unit integrating the results from the three modules.
  13. 13. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 13 We also have developed previously methods for face and fingerprint recognition with modular neural networks [15] and now we need to integrate the results of the three biometric aspects of a person, to make a decision on the identity of a person. We show in Figure 8 the architecture of the fuzzy system used for this decision process. We showin Table 1 the complete set of fuzzy rules used in the fuzzy systemfor person recognition.
  14. 14. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 14 Experiments with this fuzzy system give 100% accuracy 27 persons with a degree of noise up to 80% (gaussian noise). 5.4Image Processing/Analysis Digital Image Processing has widely used for defense and security services target detection and tracking, missile trapping, Wide area surveillance etc. The goal image processing is to find the useful information from image collected from different sources. Develop the algorithm such a way that it provides way towards the autonomous system which capable for giving decision on image inputs. Obstacle detection, radar and 3D radar image processing, sonar image processing, 3D shape retrieval and image analysis etc are key research area today in image processing
  15. 15. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 15 towards the military security. The image Compression and Transmission for long distance in minimum bandwidth is the main research topic nowadays. The CCTV based video system using the AI is discussed by the author[10]in which he suggest nice solution towards the object identification including character, colour, text, Tracking missing variable in the video stream, Incident detection based on speed of visual impression etc. 5.5Fuzzy Logic The author [11] proposed anomaly based intrusion detection approach introducing fuzzy decision making module. The fuzzy rules for inference will automatically identified the by fuzzy rule making strategy which is more effective to detect the intrusion in the computer. The home security provided with the help of fuzzy system [12]. 5.6Expert System(Fuzzy rule based) The Expert system allows being base on the fuzzy rule based model. The supervised learning is most important and key factor for training the expert system as compared to the unsupervised learning. The author [13] stated the fuzzy rule based expert system for cyber security. Designing a Fuzzy Rule BasedExpert System for Cyber Security Stage 1:Defining Cyber Security Expert System Variables The first step in the proposed model is the establishment of input and output variables [31]. This task is usually done by studying the problem domain and by consultation with the cyber experts. There is infinite number of potential candidates which should be restricted to positive numbers. In this paper, the key variables were defined with reference to interviews with cyber security experts. Input and outputs of proposed model is given in fig 2.
  16. 16. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 16 Stage 2:Data Collection for Cyber Terrorism The expert system models the knowledge of the human expert. It also provides explanations similar to the human expert. The system can describe various questions asked by the user. The data used for this work have been extracted from a series of questionnaires collected from cyber experts and system administrators. The obtained data are related especially with topics given below.  Denial of Service (Dos) attacks, virus, malware, logic bomb, social engineering, Trojan horse ,  Out of service, seizing web page, attacks for protesting, seize critical systems, capture confidential information, system control (Fig.3).
  17. 17. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 17 This study evaluates cyber terrorists who might attack communications systems, financial centers, power plants, emergency services, transportation, water supply, oil and natural gas distribution stations. People capable of cyber terrorism such as dedicated special staff, hackers, cyber activists and opponents of the state are evaluated in the proposed FRBCES model. Stage 3:System Design Expert systems may be forward or backward chaining. In forward chaining systems, we reason from antecedent truth to consequent truth; that is, we reason from facts in the rule antecedent that we know to be true to establish new facts whose truth is implied by the antecedent. Backward chaining reverses this; we attempt to find facts to establish the truth of some goal state. It is possible to emulate backward chaining with a forward chaining system Stage 4:Fuzzy Rule Based Model The general architecture for rule-based expert system and the components of a fuzzy rule based inference system are shown in Fig.4.
  18. 18. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 18 The main modules of a fuzzy rule based system are fuzzifization - or fuzzifier module - , fuzzy rules, inference engine and defuzzifier. Step 1: Fuzzification module: It converts a crisp input of the domain of the input variable domain to a grade by fuzzy set. Constructing a fuzzy logic membership functions play a crucial role for fuzzy rule based models. Triangular membership function was used in many fuzzy logic based applications [37]-[42]. In this study triangular membership functions have been used. Step 2: Defining fuzzy rules: Fuzzy rules consist of antecedent and consequent in the form of IF-THEN statements. There are a number of rules, and they make a group which forms the basis for inference [43]. The following some fuzzy rules have been taken with the combination of linguistic Step 3: Defuzzification: It acts as the interface between the fuzzy logic control and the inference system, by providing the crisp output. Regular defuzzification methods are centroid, bisector, mean value of maximum values, smallest value of maximum values and largest value of maximum [44],[26]. The conversion of a fuzzy set to a single crisp value is called defuzzification and reverse process is fuzzification [26]. Mamdani defuzzification method (centroid of the area) is used in the model. To find the defuzzification value the formula (Eq.17) has been used as: where denotes an algebraic integration. Implementation In this study, MATLAB® fuzzy logic toolbox is used for fuzzy rule based cyber expert system. The study is structured on as 4 input and 3 output criteria as depicted in Fig.2. Fuzzy Rule Based Cyber Expert System (FRBCES) against cyber terrorism has been implemented. The implementation has been performed with the help of the fuzzy rule with the minimum and maximum norm. The FRBCES has been developed with a view to taking the criteria “cyber techniques (T)”, “aim of cyber intruders (A)”, “cyber intruders (CI)”, “cyber intruder’s target-(CIT)”, as input. “Sophisticated hardware (H)”, “software (S)” and “user (U) criteria are designed as output. A membership function value for both input and output criteria is contributed using MATLAB®. Eighty-three fuzzy rules have been found in the
  19. 19. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 19 combination of the model. Different cyber terrorism activities have been recorded for the inputs (T, A, CIT, CI). One can state that based on FRBCES, precautions against cyber terror may be predicted. It is possible to use many MATLAB® commands in order to get detailed data concerning the proposed model. A sample symbolic output of MATLAB® fuzzy tool “getfis” and “showrule” command is given in following. >>getfis (model_FRBCES) Name = model_FRBCES Type = mamdani NumInputs = 4 InLabels = T A CIT CI NumOutputs = 3 OutLabels = S H U NumRules = 83 AndMethod = min OrMethod = max ImpMethod = min AggMethod = max DefuzzMethod = centroid ans = model_FRBCES >>showrule (a,[3 1], 'symbolic') ans = 3. (T==N-A) & (A==S-W-P) & (CIT==KI) & (CI==CA) => (S=SpS)(H=TC) (1) 1. (T==N-A) & (A==OoS) & (CIT==CC) => (H=TC) (1) 4.1. FRBCES Simulation Sample
  20. 20. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 20 Simulation: A special staff (SS) intents to deploy cyber attack to finance centers (FC) using denial of service (DoS) technique. His aim is to control of system (CS). According to the proposed model, a sample solution is given in Fig.5 when CI(SS)=0.15; CIT(FC)=0.32; T(DoS)=0.17; A(CS)=0.92. Here, model outputs are S=0.392; H=0.719 and U=0.57. Solution area is shown in red line. It can be seen that cyber techniques (T) criteria is in y axis, cyber intruder’s target (CIT) criteria is in x axis, and solution criteria (sophisticated software, S) is in z axis (Fig.6). Output of S=0.392 means that system needs update (SU); H=0.719 means that system needs technical support (TS); U=0.57 means that users awareness (AW) is important. MATLAB® images of the solution set for output criteria S when CIT=0.32, T=0.17 and T=0.17, A=0.92 is given in Figs. 6 and 7.
  21. 21. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 21
  22. 22. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 22 Chapter-6 INTELLIGENT SYSTEM FOR INFORMATION SECURITY MANAGEMENT (ISISM) ARCHITECTURE AI techniques can be used in building intelligent models to improve the information security management, intrusion detection and prevention capabilities, efficiency of security event management, and decision making (Hentea, 2003, 2004, 2005b, 2005c). Intelligent systems called intelligent assistants help users in decision-making process for configuring and monitoring specific metrics, faults and events correlation that could lead to the reconnaissance of the attack and prevention of the cyber attack. Efficient information security management requires an intelligent system that supports security event management approach with enhanced real-time capabilities, adaptation, and generalization to predict possible attacks and to support human’s actions. The following section describes the basic components and main functions of the intelligent system for information security management (ISISM). Any intelligent system consists of two parts (Meystel & Albus, 2002): 1. Internal, or computational, which can be decomposed into four internal subsystems of intelligence as follows: a) Sensory processing - inputs to an intelligent systems are provided via sensors and processed to create a consistent state of the world. Sensors are used to monitor the state of the external world and intelligent system itself. b) World modeling - is the estimate of the state of the world; it includes knowledge databases about the world and contains a simulation module that provides information about future states of the world. c) Behavior generation – is the decision making module that selects goals and plans, and executes tasks. d) Value judgment – it evaluates both the observed state and predicted state; it provides the basis for decision making.
  23. 23. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 23 2. External, or interfacing; input and output from the internal part of the intelligent systems are generalized via sensors and actuators that can be considered external parts In all intelligent systems, a sensory processing subsystem processes data from sensors to acquire and maintain an internal model (representation) of the world. Then, a behavior generating subsystem decides the course of actions to be taken for achieving the goal. The behavior generation subsystem controls actuators to pursue behavioral goals in the context of the perceived world model. Outputs from intelligent systems generate commands or actions to control the target system. Sensors data are the basis to build knowledge bases, derive new knowledge, detect and predict cyber attacks, and make timely decisions. Examples of sensors data include measurements related to performance, security, state for the following: • Device such as CPU performance, memory usage, used disk space, file usage number of active connections, number of open connections, number of failed logins, number of transactions (queries, updates, deletion), new user requests, new software requests, user termination, response time, number of privileged users accessing the system at one time, number of concurrent users, configuration changes, file accesses per user, number of system calls, number of alerts, number of user authentication failures, number of pending connections, timeout periods, programs execution time, system files usage, shared library usage, clock synchronization protocols, system clock, user accesses to data and executable files, log files size, etc. Hentea 35 • Network such as available bandwidth, delay, network access requests, number of resources not available for some time, new protocol requests, number of simultaneous open ports, number of simultaneous transactions over the Internet, number of simultaneous
  24. 24. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 24 transactions over the Intranet, configuration changes, excessive noise on a circuit requiring retransmission, number of packets dropped, number of E-mail messages, number of console messages, protocols usage, etc. • Interfaces such as utilization statistics • Environmental (temperatures, doors open, doors locked, alarms) • Security safeguards (firewalls, intrusion detection systems, anti-virus software, virtual private network, encryption) such as: number of denied connections, number of alerts, number of false positives, number of false negatives, downtime, maintenance time, number of software updates, reconnaissance activities, number of encrypted and decrypted keys, remote accesses, etc. • Security policies (issue date, revised date, targets, etc.) • Risks (accepted, reduced, transferred) • Contingency and recovery plans • Security and network administrators activities (logins, configuration changes, software installed, software updates, testing, number of notification messages, user applications executed, etc.) DISCUSSION The Artificial intelligence techniques in Security discussed above can be summarized based on their advantage and advantage in tabular format below Sl. No. Artificial Intelligence Technique Advantage Disadvantage
  25. 25. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 25 1 Artificial Neural Networks  Adapt to unknown situations  Robust, able to model complex functions.  Easy to use.  Training of neural network  Not exact  Complexity of the network structure 2 Data Mining  Help with decision making  find out exact information from vast amount of data  User privacy/securit y is critical issue  Misuse of information  Accuracy of data 3 Pattern Recognition  Quick and Accurate  Recognize & Classify unfamiliar objects  Recognise patterns quickly, with ease and automatically.  Reliability of result depends on input 4 Image Processing/Analysis  Processing of images are faster and more cost- effective.  Useful for areas where human interference is impossible.  The initial cost can be high depending on the system used,  Input image should be optimum for recognition 5 Fuzzy Logic  Fuzzy Logic describes  They are not very sensitive
  26. 26. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 26 systems in terms of a combination of numeric’s and symbolic.  The algorithms can be described with little data, so little memory is required.  Fuzzy algorithms are often robust. to changing environments and erroneous or forgotten rules 6 Expert System  Provides consistent answers for repetitive decisions, processes and tasks  Can work round the clock  Errors may occur in the knowledge base, and lead to wrong decisions  Cannot adapt to changing environments, unless knowledge base is changed
  27. 27. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 27 Chapter-7 APPLICATIONS OF ARTIFICIAL INTELLIGENCE (Other than Security Management) 1. Engineering Applications Artificial Intelligence (AI) techniques are now being used by the practicing engineer to solve a whole range of hitherto intractable problems. • Real-time intelligent automation, and their associated supporting methodologies and techniques, including control theory and industrial informatics, • Architectures, algorithms and techniques for distributed AI systems, including multi- agent based control and holonic control, • Decision-support systems, • Aspects of reasoning: abductive, case-based, model-based, non-monotonic, incomplete, progressive and approximate reasoning, • Applications of chaos theory and fractals, • Metaheuristics and their applications in intelligent automation: Genetic Algorithms, Ant Colony Optimization. 2. Artificial life 3. Automated reasoning 4. Automation 5. Biologically inspired computing 6. Concept mining 7. Data mining 8. Knowledge representation 9. Semantic Web 10. E-mail spam filtering 11. Artificial Creativity 12. Game theory and Strategic planning
  28. 28. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 28 CONCLUSION As Security is key important issues, the integration Artificial Intelligence Techniques certainly improve the performance of the existing security system. Main thing related security is alert the user before unwanted things going to happened. The post mortem knowledge has zero value in security field. The Different Artificial Intelligence Techniques has drawback that training set which used for the training any model must be up-to-date. These different techniques certainly helpful in Home Security, Military, Surveillance, and CCTV based security system. The study also presents an intelligent security management System which integrates license plate recognition algorithm, face recognition algorithm, and radio frequency identification technology to make the security monitor automatically. The system constructs an intelligent image processing technology which can identify the license plate and human face. This system has automatic identification and specific user identity functions. Moreover, the system will transmit identification results to the management interface using Lab VIEW and display related information. The proposed system is convinced that it is not expensive but it has efficient security management capability. Also, an expert system for cyber security based on fuzzy rule was presented. After consultation with cyber experts and system administrators, the inputs and output of the system were determined. Mamdani fuzzy inference system was selected. The inference of the fuzzy rules was carried out using the ‘min’ and ‘max’ operators for fuzzy intersection and union. A series of 83 fuzzy if-then rules were designed for the knowledge base. Input space was divided into multidimensional partitions in order to formulate the initial rule base. Actions were then assigned to each of the partitions.
  29. 29. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 29 REFERENCES 1. Navita Agarwal & Prachi Agarwal, “Use of Artificial Neural Network in the Field of Security” MIT International Journal of Computer Science & Information Technology,Vol. 3, No. 1, pp.42–44 ,Jan. 2013. 2. James Cannady, “Artificial Neural Networks for Misuse Detection” National Information Systems Security Conference, 1998. 3. Mehdi MORADI and Mohammad ZULKERNINE,“A Neural Network Based System for Intrusion Detection and Classification of Attacks”, Natural Science and Engineerign Research Council of Canada(NSERC). 4. S.Saravanakumar Umamaheshwari, “Devlopement and Implementation of artificial Neural networks for Intrusion detection in computer networks”, IJCSNS International Journal Of computer Science and Network Security, VOL 10, No7, July2010. 5. Gerhard PAAß1, Wolf REINHARDT, Stefan RÜPING, and Stefan WROBEL, “Data Mining for Security and Crime Detection”. 6. Bhavani Thuraisingham, Latifur Khan, Mohammad M. Masud, Kevin W. Hamlen, “Data Mining for Security Applications”, IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, 2008. 7. Luis von Ahn, Manuel Blum, Nicholas J. Hopper, and John Langford, “CAPTCHA:Using Hard AI Problems For Security”,Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques ,EUROCRYPT'03,Pages 294-311,2003. 8. Jayant V. Kulkarni, Raghunath. S. Holambe, Bhushan D. Patil, “.Network Security: Pattern Recognition Approach (Biometrics based Person Authentication), Proceedings of National Seminar on Unmanned Ground Vehicle, Vehicles Research & Development Establishment,27-28 Feb. 2006. 9. Patricia Melin, Alejandra Mancilla, Miguel Lopez, Jose Soria, Oscar Castillo, “Pattern Recognition for Industrial Monitoring and Security using the Fuzzy Sugeno Integral and Modular Neural Networks”, IJCNN 2007. 10. Sizwe M.Dhlamini, Michel o kachienga,T Marwala, “Artificial intelligence as an Aide in management of security Technology”, Members IEEE ,IEEE Africon 2007.
  30. 30. An Overview on Use of Artificial Intelligence Techniques in Effective security management 2015-16[Type text] [Type text] [Type text] Dept of Ekectrical & Electronins Engineering, Ghousia College of engineering Page 30 11. Thakare .S.P. and Ali M.S., “Network intrusion detection system & fuzzy logic”, BIOINFO Security Informatics ISSN: 2249-9423 & EISSN: 2249-9431, Volume 2, Issue 1, 2012. 12. Muhammad Anwaar Saeed, Muhammad Saleem Khan, Khalil Ahmed, Umer Farooq, “Smart Home Security System using Fuzzy Logic International Journal of Scientific & Engineering Research”, Volume 2, Issue 6, June-2011. 13. Göztepe, Kerim, “Designing a Fuzzy Rule Based Expert System for Cyber Security”,International Journal of Information Security Science, Vol. 1 Issue 1, p13,March2012. 14. Emmanuel Hooper “Intelligent Techniques for Effective Network Protocol Security Monitoring, Measurement and Prediction”, International Journal of Security and Its ApplicationsVol.2, No.4, October, 2008.

×