3 research outputs found

    Machine-assisted Cyber Threat Analysis using Conceptual Knowledge Discovery: – Position Paper –

    Over the last years, computer networks have evolved into highly dynamic and interconnected environments, involving multiple heterogeneous devices and providing a myriad of services on top of them. This complex landscape has made it extremely difficult for security administrators to remain accurate and effective in protecting their systems against cyber threats. In this paper, we describe our vision and scientific posture on how artificial intelligence techniques and a smart use of security knowledge may assist system administrators in better defending their networks. To that end, we put forward a research roadmap involving three complementary axes, namely, (I) the use of FCA-based mechanisms for managing configuration vulnerabilities, (II) the exploitation of knowledge representation techniques for automated security reasoning, and (III) the design of a cyber threat intelligence mechanism as a CKDD process. Then, we describe a machine-assisted process for cyber threat analysis which provides a holistic perspective of how these three research axes are integrated together.

    Workshop Notes: International Workshop "What can FCA do for Artificial Intelligence?" (FCA4AI 2015)

    This volume includes the proceedings of the fourth edition of the FCA4AI ("What can FCA do for Artificial Intelligence?") Workshop, co-located with the IJCAI 2015 Conference in Buenos Aires (Argentina). Formal Concept Analysis (FCA) is a mathematically well-founded theory aimed at data analysis and classification. FCA allows one to build a concept lattice and a system of dependencies (implications) which can be used for many AI needs, e.g. knowledge discovery, learning, knowledge representation, reasoning, ontology engineering, as well as information retrieval and text processing. There are many "natural links" between FCA and AI, and the present workshop is organized to discuss these links and, more generally, to improve the links between knowledge discovery based on FCA and knowledge management in artificial intelligence.

    A SAT-based Autonomous Strategy for Security Vulnerability Management

    Computer and network systems are consistently exposed to security threats, making their management even more complex. The management of known vulnerabilities plays a crucial role in ensuring their safe configurations and preventing security attacks. However, this activity should not generate new vulnerable states. In this paper we present a novel approach for autonomously assessing and remediating vulnerabilities. We describe a detailed mathematical model that supports this activity and we formalize the remediation decision process as a SAT problem. We present a framework that is able to assess OVAL vulnerability descriptions and perform corrective actions by using XCCDF-based descriptions of future machine states and the NETCONF protocol. We also provide details of our implementation and evaluate its feasibility through a comprehensive set of experiments.