Title: ID
Figure 1 (overall architecture; only the diagram labels survived extraction): raw packets, xml, ID CBR 1.0 (ra), V CBR 4.0 (ra), IDV AI? 2.0, alert, vulnerability, rejections??, Modify ??? 8.0, denial, Modify parameters of metadata 3.0, Learning, potential problem, Install and Restart 6.0, Retrieve Patch 7.0, patch, Fix Vulnerability 5.0 (ra), Machine, broker, Language needed?
Figure 2 (ID CBR; diagram labels): raw packets, xml, ID CBR 1.0 (ra), IDV AI? 2.0, alert, vulnerability, denial, Modify parameters of metadata 3.0
1.0 The raw packets enter the ID CBR and are evaluated against the Snort case library and the ID metadata. 2.0 The alerts are evaluated against known vulnerabilities; alerts that do not apply are denied, which filters out false alerts. 3.0 The ID CBR metadata is updated with the learned denial information.
Learning
1.0 Written with a reflective architecture and metadata about the cases. 2.0 Currently under research: how to evaluate vulnerabilities to obtain denials. 3.0 Need to think about meta-meta reflection here to update the ID CBR; it might be reusable elsewhere.
Figure 3 (V CBR). 2.0 The alerts are evaluated against known vulnerabilities and non-applicable alerts are denied, filtering false alerts; in addition, rejections of false vulnerabilities are identified. 4.0 The vulnerabilities identified from the machine configuration enter and are evaluated against the vulnerability case library (or perhaps this is a database rather than cases). There may need to be a meta definition of these vulnerabilities; not sure here. 8.0 The rejections from the AI (2.0) are evaluated and the information is used to modify the vulnerability case or database. This allows the system to learn not to raise false vulnerabilities.
Figure 3 diagram labels: V CBR 4.0 (ra), IDV AI? 2.0, vulnerability, rejections??, Modify ??? 8.0, potential problem
Learning
2.0 Currently under research: how to evaluate vulnerabilities to obtain denials, and how to evaluate alerts to generate rejections. 4.0 Written in a reflective architecture using the vulnerability casebase or database metadata. 8.0 May be able to use the meta-meta architecture from 3.0; currently under research.
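How the denial loop of stages 1.0 to 3.0 and the rejection loop of stages 4.0 and 8.0 might fit together, as an added Python illustration that is not part of these notes. It assumes an alert is a (Snort signature id, target host) pair, reduces case retrieval to an exact lookup by signature id where a real CBR would retrieve by similarity, and runs on constructed sample data; the class and function names are hypothetical.

```python
"""Toy model of the case-based alert filter and vulnerability case library
sketched in the notes (ID CBR stages 1.0-3.0, V CBR stages 4.0 and 8.0).
Added illustration, not code from the page. All cases, machines and alerts
are constructed sample data; names are hypothetical."""
from __future__ import annotations
from dataclasses import dataclass, field


@dataclass
class VulnCase:
    """One entry in the vulnerability case library (V CBR, 4.0)."""
    sid: int                      # Snort signature id that raises the alert
    product: str                  # software the vulnerability affects
    vulnerable_versions: set[str]


@dataclass
class Machine:
    """Machine configuration: which software versions are installed."""
    host: str
    software: dict[str, str]      # product -> installed version


@dataclass
class IdMetadata:
    """ID CBR metadata (3.0): learned denials, keyed by (sid, host)."""
    denied: set[tuple[int, str]] = field(default_factory=set)


def evaluate_alert(alert: tuple[int, str], cases: dict[int, VulnCase],
                   machines: dict[str, Machine], meta: IdMetadata) -> str:
    """Stage 2.0: compare an alert with the known vulnerabilities of its
    target. Returns 'alert' (pass to the analyst) or 'denied' (filtered as
    false). Stage 3.0: a fresh denial is written back into the metadata."""
    sid, host = alert
    if (sid, host) in meta.denied:
        return "denied (learned)"
    case, machine = cases.get(sid), machines.get(host)
    if case is None or machine is None:
        return "alert"            # nothing known: never suppress blindly
    installed = machine.software.get(case.product)
    if installed in case.vulnerable_versions:
        return "alert"
    meta.denied.add((sid, host))  # 3.0: learn the denial
    return "denied"


def reject_vulnerability(cases: dict[int, VulnCase], sid: int,
                         version: str) -> None:
    """Stage 8.0: a rejection ('this version is not really vulnerable')
    modifies the vulnerability case so the false vulnerability is not
    raised again. Denials already learned stay valid and are kept."""
    cases[sid].vulnerable_versions.discard(version)


def run(alerts, cases, machines, meta) -> list[str]:
    """Stage 1.0 onward: push a batch of alerts through the filter."""
    return [evaluate_alert(a, cases, machines, meta) for a in alerts]


# Constructed sample data (not from the page).
CASES = {1000: VulnCase(1000, "webapp", {"1.0", "1.1"})}
MACHINES = {
    "h1": Machine("h1", {"webapp": "1.0"}),   # vulnerable version installed
    "h2": Machine("h2", {"webapp": "2.0"}),   # fixed version installed
    "h3": Machine("h3", {}),                  # product not installed at all
}
ALERTS = [(1000, "h1"), (1000, "h2"), (1000, "h2"), (1000, "h3"), (9999, "h1")]

if __name__ == "__main__":
    meta = IdMetadata()
    for alert, verdict in zip(ALERTS, run(ALERTS, CASES, MACHINES, meta)):
        print(alert, "->", verdict)
```

The two feedback paths write to different memories: denials accumulate in the ID CBR metadata (3.0) per host, while a rejection edits the vulnerability case itself (8.0), so a host that was never vulnerable stops alerting without the signature being disabled everywhere. Two checks matter in practice: an alert with no matching case or unknown host is passed through rather than suppressed, and a learned denial is only as good as the machine configuration it was derived from, so it would need invalidating when that configuration changes.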
Figure 4 (Fix Vulnerability). 5.0 Receives a potential problem, a vulnerability that needs repairing, and retrieves the needed patch from the patch broker. 6.0 The patch is received and installed on the machine; the machine may need to be restarted. 7.0 Here the process brokers with the vendors, or perhaps a disparate database, to obtain the needed fix for the potential problem.
7.0 This is a negotiating program acting as a broker; it may require an ebXML extension. 2.0 Currently under research; should use a reflective architecture. 6.0 Requires some metadata about the machine.
Figure 4 diagram labels: potential problem, Install and Restart 6.0, Retrieve Patch 7.0, Fix Vulnerability 5.0 (ra), patch, Machine, broker, Language needed?