situational awareness for cybersecurity
October 21, 2011
We describe a current project aimed at developing a situational awareness framework to (1) detect potential new vulnerabilities from Web descriptions and discussions, extract information, and map it to an IDS knowledge base; (2) recognize potential attacks and intrusions in data from low-level intrusion detection systems and map them to the IDS knowledge base; and (3) integrate and reason over the results of (1) and (2) to identify actual attacks.