TY - GEN
T1 - Application of clustering techniques in a network security testing system
AU - Corral, Guiomar
AU - Golobardes, Elisabet
AU - Andreu, Oriol
AU - Serra, Isard
AU - Maluquer, Elisabet
AU - Martínez, Àngel
N1 - Funding Information:
We want to thank Enginyeria i Arquitectura La Salle, Universitat Ramon Llull for their support to our research group in Intelligent Systems (2002 SGR-00/55). We also thank Ministerio de Ciencia y Tecnología and Fondo Europeo de Desarrollo Regional (FEDER) for their support under grant TIC2002-04036-C05-03, and Ministerio de Industria, Turismo y Comercio for its support under grant FIT-360000-2004-81. We also thank Pete Herzog and ISECOM for their support to this project.
PY - 2005
Y1 - 2005
N2 - Security has become a main concern in corporate networks. In order to keep a network protected it is necessary to periodically perform security tests to control devices and services, and also identify possible vulnerabilities. Never two networks behave the same way; thus, results obtained from security tests may substantially differ from one to another. In this case, trying to manually find a behavior pattern for all networks becomes a difficult task. Unsupervised techniques can help security analysts finding certain devices patterns, and also help revealing hidden problems in network security. This paper proposes a solution based on unsupervised techniques to help security analysts handling all the information obtained from security tests in order to detect abnormal groups of devices or atypical system behaviors.
AB - Security has become a main concern in corporate networks. In order to keep a network protected it is necessary to periodically perform security tests to control devices and services, and also identify possible vulnerabilities. Never two networks behave the same way; thus, results obtained from security tests may substantially differ from one to another. In this case, trying to manually find a behavior pattern for all networks becomes a difficult task. Unsupervised techniques can help security analysts finding certain devices patterns, and also help revealing hidden problems in network security. This paper proposes a solution based on unsupervised techniques to help security analysts handling all the information obtained from security tests in order to detect abnormal groups of devices or atypical system behaviors.
KW - AI applications
KW - Network security test
KW - Unsupervised learning
UR - http://www.scopus.com/inward/record.url?scp=33750547240&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:33750547240
SN - 1586035606
SN - 9781586035600
T3 - Frontiers in Artificial Intelligence and Applications
SP - 157
EP - 164
BT - Artificial Intelligence Research and Development
T2 - 8th Catalan Conference on Artificial Intelligence, CCIA 2005
Y2 - 26 October 2005 through 28 October 2005
ER -