Institute of Information Theories and Applications FOI ITHEA
Abstract
Different types of ontologies, and the knowledge or metaknowledge connected to them, are considered and
analyzed with a view to their realization in contemporary information security systems (ISS), especially in
intrusion detection systems (IDS) or intrusion prevention systems (IPS). The human-centered methods
INCONSISTENCY, FUNNEL, CALEIDOSCOPE and CROSSWORD are algorithmic or data-driven methods
based on ontologies. They all interact on the competitive principle of ‘survival of the fittest’ and are controlled by a
Synthetic MetaMethod (SMM). It is shown that data analysis frequently needs an act of creation, especially when it
is applied to knowledge-poor environments. It is shown that human-centered methods are very suitable for
resolutions in case, and often they are based on the usage of dynamic ontologie