Method for Attack Tree Data Transformation and Import Into IT Risk Analysis Expert Systems

Information technology (IT) security risk analysis preventatively helps organizations in identifying their vulnerable systems or internal controls. Some researchers propose expert systems (ES) as the solution for risk analysis automation since risk analysis by human experts is expensive and timely. By design, ES need a knowledge base, which must be up to date and of high quality. Manual creation of databases is also expensive and cannot ensure stable information renewal. These facts make the knowledge base automation process very important. This paper proposes a novel method of converting attack trees to a format usable by expert systems for utilizing the existing attack tree repositories in facilitating information and IT security risk analysis. The method performs attack tree translation into the Java Expert System Shell (JESS) format, by consistently applying ATTop, a software bridging tool that enables automated analysis of attack trees using a model-driven engineering approach, translating attack trees into the eXtensible Markup Language (XML) format, and using the newly developed ATES (attack trees to expert system) program, performing further XML conversion into JESS compatible format. The detailed method description, along with samples of attack tree conversion and results of conversion experiments on a significant number of attack trees, are presented and discussed. The results demonstrate the high method reliability rate and viability of attack trees as a source for the knowledge bases of expert systems used in the IT security risk analysis process.

Download Full-text

Automated Expert System Knowledge Base Development Method for Information Security Risk Analysis

International Journal of Computers Communications & Control ◽

10.15837/ijccc.2019.6.3668 ◽

2019 ◽

Vol 14 (6) ◽

pp. 743-758 ◽

Cited By ~ 1

Author(s):

Donatas Vitkus ◽

Žilvinas Steckevičius ◽

Nikolaj Goranin ◽

Diana Kalibatienė ◽

Antanas Čenys

Keyword(s):

Expert System ◽

Information Security ◽

Risk Analysis ◽

Knowledge Base ◽

Expert Knowledge ◽

Management Decision ◽

Problem Solution ◽

Security Risk ◽

Development Method ◽

Information Security Risk

Information security risk analysis is a compulsory requirement both from the side of regulating documents and information security management decision making process. Some researchers propose using expert systems (ES) for process automation, but this approach requires the creation of a high-quality knowledge base. A knowledge base can be formed both from expert knowledge or information collected from other sources of information. The problem of such approach is that experts or good quality knowledge sources are expensive. In this paper we propose the problem solution by providing an automated ES knowledge base development method. The method proposed is novel since unlike other methods it does not integrate ontology directly but utilizes automated transformation of existing information security ontology elements into ES rules: The Web Ontology Rule Language (OWL RL) subset of ontology is segregated into Resource Description Framework (RDF) triplets, that are transformed into Rule Interchange Format (RIF); RIF rules are converted into Java Expert System Shell (JESS) knowledge base rules. The experiments performed have shown the principal method applicability. The created knowledge base was later verified by performing comparative risk analysis in a sample company.

Download Full-text

Development of rules in expert systems for the analysis and evaluation of telecommunications

Informacionno-technologicheskij vestnik ◽

10.21499/2409-1650-2017-2-47-63 ◽

2017 ◽

Vol 12 (2) ◽

pp. 47-63 ◽

Cited By ~ 1

Author(s):

T. S. Abbasova

Keyword(s):

Expert System ◽

Expert Systems ◽

Knowledge Base ◽

Noise Immunity ◽

Knowledge Bases ◽

Analysis And Evaluation ◽

Telecommunications Infrastructure ◽

Telecommunication Systems ◽

Characteristic Features ◽

Developing Knowledge

Typical malfunctions that may occur in telecommunication systems due to the failure to meet the noise immunity requirements, as well as the characteristic features that can identify these problems, are analyzed. In the process of developing the knowledge base for the expert system for assessing the telecommunications infrastructure, the existing tools for developing knowledge bases have been improved.

Download Full-text

Dynamic Expert System-Based Geographically Adapted Malware Risk Evaluation Method

International Journal of Computers Communications & Control ◽

10.15837/ijccc.2020.3.3865 ◽

2020 ◽

Vol 15 (3) ◽

Cited By ~ 1

Author(s):

Donatas Vitkus ◽

Justina Jezukevičiūtė ◽

Nikolaj Goranin

Keyword(s):

Risk Assessment ◽

Expert System ◽

Information Security ◽

Expert Systems ◽

Knowledge Base ◽

Risk Evaluation ◽

Proper Solution ◽

Security Risk ◽

Information Security Risk ◽

Base Formation

Fast development of information systems and technologies while providing new opportunities for people and organizations also make them more vulnerable at the same time. Information security risk assessment helps to identify weak points and preparing mitigation actions. The analysis of expert systems has shown that rule-based expert systems are universal, and because of that can be considered as a proper solution for the task of risk assessment automation. But to assess information security risks quickly and accurately, it is necessary to process a large amount of data about newly discovered vulnerabilities or threats, to reflect regional and industry specific information, making the traditional approach of knowledge base formation for expert system problematic. This work presents a novel method for an automated expert systems knowledge base formation based on the integration of data on regional malware distribution from Cyberthreat real-time map providing current information on newly discovered threats. In our work we collect the necessary information from the web sites in an automated way, that can be later used in a relevant risk calculation. This paper presents method implementation, which includes not only knowledge base formation but also the development of the prototype of an expert system. It was created using the JESS expert system shell. Information security risk evaluation was performed according to OWASP risk assessment methodology, taking into account the location of the organization and prevalent malware in that area.

Download Full-text

Diabetes Mellitus - Evaluating the Diagnostic Probabilities

Healthcare Information Systems ◽

10.4018/978-1-878289-62-9.ch008 ◽

2011 ◽

pp. 169-177

Author(s):

Adi Armoni

Keyword(s):

Diabetes Mellitus ◽

Decision Making ◽

Expert System ◽

Expert Systems ◽

Knowledge Base ◽

Decision Maker ◽

Knowledge Bases ◽

Bayesian Theory ◽

Logical Conclusion ◽

Human Decision

The article examines the behavior of the human decision-maker. It surveys research in which about 90 physicians specializing in various fields and with different degrees of seniority participated. It tackles the question of whether it is possible to found the majority of the knowledge bases of the expert systems on the Bayesian theory. We will discuss the way of decision making conforming to the probabilities evaluated according to the Bayesian theory. The logical conclusion, therefore, is that the development of a knowledge base for an expert system founded on probabilities calculated in accordance with the Bayesian theory must be carried out in a controlled manner and depend on the parameters mentioned above.

Download Full-text

Validating the Knowledge Base of a Therapy Planning System

Methods of Information in Medicine ◽

10.1055/s-0038-1635547 ◽

1989 ◽

Vol 28 (01) ◽

pp. 36-50 ◽

Cited By ~ 21

Author(s):

M. A. Shwe ◽

S. W. Tu ◽

L. M. Fagan

Keyword(s):

Expert System ◽

Cancer Therapy ◽

Expert Systems ◽

Knowledge Base ◽

Knowledge Bases ◽

Planning System ◽

Test Cases ◽

Parallel Model ◽

Therapy Planning ◽

System Knowledge

Abstract:Validation of expert system knowledge bases has proved to be difficult. This paper presents a description of a system called ScriptGen that generates test data for validating the knowledge base of the ONCOCIN cancer therapy planning system. Because of the size and complexity of the ONCOCIN knowledge base, we require tools for automated validation. ScriptGen, which applies techniques developed in testing both traditional software and expert systems, uses a parallel model of the ONCOCIN knowledge base and its own inference engine to generate test cases. We derived the limits of the system from a study that seeded errors into an existing knowledge base.

Download Full-text

Fundamentals of creating MIVAR expert systems

10.12737/1513119 ◽

2021 ◽

Author(s):

Oleg Varlamov

Keyword(s):

Artificial Intelligence ◽

Decision Support ◽

Expert System ◽

Expert Systems ◽

Decision Support Systems ◽

Intelligent Systems ◽

Autonomous Robots ◽

Support Systems ◽

Knowledge Bases ◽

Computer Engineering

Methodological and applied issues of the basics of creating knowledge bases and expert systems of logical artificial intelligence are considered. The software package "MIV Expert Systems Designer" (KESMI) Wi!Mi RAZUMATOR" (version 2.1), which is a convenient tool for the development of intelligent information systems. Examples of creating mivar expert systems and several laboratory works are given. The reader, having studied this tutorial, will be able to independently create expert systems based on KESMI. The textbook in the field of training "Computer Science and Computer Engineering" is intended for students, bachelors, undergraduates, postgraduates studying artificial intelligence methods used in information processing and management systems, as well as for users and specialists who create mivar knowledge models, expert systems, automated control systems and decision support systems. Keywords: cybernetics, artificial intelligence, mivar, mivar networks, databases, data models, expert system, intelligent systems, multidimensional open epistemological active network, MOGAN, MIPRA, KESMI, Wi!Mi, Razumator, knowledge bases, knowledge graphs, knowledge networks, Big knowledge, products, logical inference, decision support systems, decision-making systems, autonomous robots, recommendation systems, universal knowledge tools, expert system designers, logical artificial intelligence.

Download Full-text

Mivar databases and rules

10.12737/1508665 ◽

2021 ◽

Author(s):

Oleg Varlamov

Keyword(s):

Artificial Intelligence ◽

Decision Support ◽

Expert System ◽

Expert Systems ◽

Decision Support Systems ◽

Support Systems ◽

Knowledge Bases ◽

Data Models ◽

Active Network ◽

New Model

The multidimensional open epistemological active network MOGAN is the basis for the transition to a qualitatively new level of creating logical artificial intelligence. Mivar databases and rules became the foundation for the creation of MOGAN. The results of the analysis and generalization of data representation structures of various data models are presented: from relational to "Entity — Relationship" (ER-model). On the basis of this generalization, a new model of data and rules is created: the mivar information space "Thing-Property-Relation". The logic-computational processing of data in this new model of data and rules is shown, which has linear computational complexity relative to the number of rules. MOGAN is a development of Rule - Based Systems and allows you to quickly and easily design algorithms and work with logical reasoning in the "If..., Then..." format. An example of creating a mivar expert system for solving problems in the model area "Geometry"is given. Mivar databases and rules can be used to model cause-and-effect relationships in different subject areas and to create knowledge bases of new-generation applied artificial intelligence systems and real-time mivar expert systems with the transition to"Big Knowledge". The textbook in the field of training "Computer Science and Computer Engineering" is intended for students, bachelors, undergraduates, postgraduates studying artificial intelligence methods used in information processing and management systems, as well as for users and specialists who create mivar knowledge models, expert systems, automated control systems and decision support systems. Keywords: cybernetics, artificial intelligence, mivar, mivar networks, databases, data models, expert system, intelligent systems, multidimensional open epistemological active network, MOGAN, MIPRA, KESMI, Wi!Mi, Razumator, knowledge bases, knowledge graphs, knowledge networks, Big knowledge, products, logical inference, decision support systems, decision-making systems, autonomous robots, recommendation systems, universal knowledge tools, expert system designers, logical artificial intelligence.

Download Full-text

Knowledge-acquisition tools with explicit problem-solving models

The Knowledge Engineering Review ◽

10.1017/s0269888900000047 ◽

1993 ◽

Vol 8 (1) ◽

pp. 5-25 ◽

Cited By ~ 8

Author(s):

William Birmingham ◽

Georg Klinker

Keyword(s):

Expert System ◽

Problem Solving ◽

Expert Systems ◽

Knowledge Acquisition ◽

Knowledge Base ◽

Code Generation ◽

System Development ◽

Generalization Error ◽

Domain Experts ◽

The Past

AbstractIn the past decade, expert systems have been applied to a wide variety of application tasks. A central problem of expert system development and maintenance is the demand placed on knowledge engineers and domain experts. A commonly proposed solution is knowledge-acquisition tools. This paper reviews a class of knowledge-acquisition tools that presuppose the problem-solving method, as well as the structure of the knowledge base. These explicit problem-solving models are exploited by the tools during knowledge-acquisition, knowledge generalization, error checking and code generation.

Download Full-text

A FUZZY DISTRIBUTED EXPERT SYSTEM DESIGN TOOL EXGEN AND ITS APPLICATION TO SENSORY FOODSTUFF EVALUATION

International Journal of Uncertainty Fuzziness and Knowledge-Based Systems ◽

10.1142/s0218488599000337 ◽

1999 ◽

Vol 07 (04) ◽

pp. 383-388

Author(s):

THANH THUY NGUYEN ◽

TOAN THANG NGUYEN ◽

BINH CUONG THAC ◽

DINH KHANG TRAN

Keyword(s):

Expert System ◽

Expert Systems ◽

Knowledge Bases ◽

Design Tool ◽

Rule Base ◽

Production Rules ◽

Linguistic Terms ◽

University Of Technology ◽

Fuzzy Expert Systems ◽

And Control

Since the appearance of MYCIN, expert systems have been widely and successfully developed for various scientific and technological researches and applications. These applications require more and more fuzzy information resources because of the uncertainty, inexactness in labeling facts using linguistic terms and expressing human expertise. Sensory foodstuff evaluation is among this kind of fuzzy expert system applications. In the frame of the research project on fuzzy expert systems for science and technology at the Hanoi University of Technology, we have developed an expert system building tool called EXGEN which has the following features: – Knowledge editing in the form of production rules using Vietnamese in the natural language-like syntax. The tool is also capable to verify the consistency of an acquired knowledge base. – Inference engine consisting of two principal inference mechanisms (forward and backward inference) and control strategy module. We proposed also some heuristics for choosing a potential inference trace, allowing to get more information about conclusions. – Possibility of establishing a configuration for a distributed working session. It would be possible to carry out: + a deduction over a shared rule base (RB) in the server, based on information acquired from workstations (common RB and conclusion, distributed fact base (FB)) + a deduction over a shared RB in the server with different cognitive tasks (including hypotheses fact and conclusions) on workstations (common RB and distributed FB) + deductions on workstations with distributed knowledge bases (Distributed RB and FB) We have already implemented an application expert system SENEXSYS for sensory foodstuff evaluation using the building tool EXGEN. Experimental results have shown that qualification given by the expert system is comparable to evaluation results obtained by following up Vietnamese standard TCVN 3215.79

Download Full-text

Analysis of Expert System in the Field of Machine Design

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.479-481.565 ◽

2012 ◽

Vol 479-481 ◽

pp. 565-568

Author(s):

Hong Qi Luo ◽

Meng Yu Wang

Keyword(s):

Expert System ◽

Expert Systems ◽

Knowledge Acquisition ◽

Inference Engine ◽

Knowledge Bases ◽

Machine Design ◽

Computer Interface ◽

Human Computer Interface ◽

Design Expert ◽

Cad System

Intelligent CAD system can be formed if integrating the expert system and mechanical CAD. Components of expert system were analyzed, including integrated databases, knowledge bases, knowledge acquisition, inference engine, explanation mechanism and human-computer interface. The model of design-evaluate-redesign was introduced and discussed. Current situation of research on design expert systems was summarized.

Download Full-text