DOI: 10.1145/1298406.1298410

Evaluation of a temporal-abstraction knowledge acquisition tool in the network security domain

Published: 28 October 2007

Abstract

In this paper we describe the design and evaluation of the Temporal Knowledge Master, a graphical knowledge-acquisition (KA) tool used for entering the knowledge required by any implementation of the Knowledge-Based Temporal Abstraction (KBTA) method. The KBTA method provides mechanisms that derive context-specific, interval-based abstract interpretations (also known as Temporal Abstractions) from raw time-stamped data by using a domain-specific knowledge base. The study evaluated the functionality and usability of the KA tool in the computer-network security domain.

Cited By

  • (2018) A distributed architecture for efficient parallelization and computation of knowledge-based temporal abstractions. Journal of Intelligent Information Systems 39:1 (249-286). DOI: 10.1007/s10844-011-0190-3. Online publication date: 28-Dec-2018
  • (2010) Monitoring, analysis, and filtering system for purifying network traffic of known and unknown malicious content. Security and Communication Networks 4:8 (947-965). DOI: 10.1002/sec.229. Online publication date: 26-Jul-2010
  • (2009) Using the KBTA method for inferring computer and network security alerts from time-stamped, raw system metrics. Journal in Computer Virology 6:3 (239-259). DOI: 10.1007/s11416-009-0125-5. Online publication date: 23-Jul-2009

Published In

K-CAP '07: Proceedings of the 4th international conference on Knowledge capture
October 2007
216 pages
ISBN: 9781595936431
DOI: 10.1145/1298406
Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. computer-network security
  2. knowledge acquisition
  3. knowledge-based temporal abstraction
  4. malicious software
  5. temporal patterns

Qualifiers

  • Article

Conference

K-CAP07
K-CAP07: International Conference on Knowledge Capture 2007
October 28 - 31, 2007
BC, Whistler, Canada

Acceptance Rates

Overall Acceptance Rate 55 of 198 submissions, 28%
