TY - JOUR
T1 - Cyber threat analysis with structured probabilistic argumentation
AU - Leiva, Mario A.
AU - Simari, Gerardo I.
AU - Simari, Guillermo R.
AU - Shakarian, Paulo
N1 - Funding Information:
Literal $L$ is called the conclusion supported by the argument, and $A$ is the support of the argument. An argument $\langle B, L \rangle$ is a subargument of $\langle A, L' \rangle$ iff $B \subseteq A$. An argument $\langle A, L \rangle$ is presumptive iff $A \cap$ is not empty. We will also use $\Omega(A) = A \cap \Omega$, $\Theta(A) = A \cap \Theta$, $(A) = A \cap$ , and $(A) = A \cap$ .
PY - 2019
Y1 - 2019
N2 - Capturing the uncertain aspects in cyber threat analyses is an important part of a wide range of efforts, including diagnostics, threat evaluation, and preventing attacks. However, there has been insufficient research and development of modeling approaches that are able to correctly capture and handle such uncertainty. In this work, we present an application example of the DeLP3E framework - a formalism that extends structured argumentation based on logic programming - in the domain of cyber threat analysis; in particular, near real-time analyses such as incident response in enterprise networks. The DeLP3E framework provides a unique combination of dialectical reasoning, rule-based inference, and probabilistic modeling to not only offer suggested responses to given situations, but also to explain to the analyst why the system reaches its conclusions.
AB - Capturing the uncertain aspects in cyber threat analyses is an important part of a wide range of efforts, including diagnostics, threat evaluation, and preventing attacks. However, there has been insufficient research and development of modeling approaches that are able to correctly capture and handle such uncertainty. In this work, we present an application example of the DeLP3E framework - a formalism that extends structured argumentation based on logic programming - in the domain of cyber threat analysis; in particular, near real-time analyses such as incident response in enterprise networks. The DeLP3E framework provides a unique combination of dialectical reasoning, rule-based inference, and probabilistic modeling to not only offer suggested responses to given situations, but also to explain to the analyst why the system reaches its conclusions.
KW - Cyber threat analysis
KW - Defeasible reasoning
KW - Structured probabilistic argumentation
UR - http://www.scopus.com/inward/record.url?scp=85077822564&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85077822564&partnerID=8YFLogxK
M3 - Conference article
AN - SCOPUS:85077822564
SN - 1613-0073
VL - 2528
SP - 50
EP - 64
JO - CEUR Workshop Proceedings
JF - CEUR Workshop Proceedings
T2 - 3rd Workshop on Advances In Argumentation In Artificial Intelligence, AI^3 2019
Y2 - 19 November 2019 through 22 November 2019
ER -