TítuloA Cognitive Assistant for Network Administration
We are developing a first prototype of an agent-aided intrusion detection tool called Alba (ALert BArrage) that assists a network administrator´s decision making, reducing the burdensome output produced by current intrusion detection systems (IDSes). This work describes the cognitive machinery that allows Alba to reason about computer secutity incidents and learn the salient features of an incident so that they can be later employed to recognize similar situations and predict the likely effects of a new attack.