LAHORE UNIVERSITY OF MANAGEMENT SCIENCES

RESEARCH TRENDS IN ARTIFICIAL INTELLIGENCE (CS 631)

“PROJECT PROPOSAL”

Submitted To:
Dr. Asim Karim
Dr. Mian Mohammad Awais

Submitted By: Group 2
Aneela Laeeq (2005-02-0023)
Omar Ehtisham Anwar (2005-02-0129)

Neural Technology and Fuzzy Systems in Network Security

Problem Statement

Network security is a widely used term within the field of Information Technology. A network can fall prey to attackers through any connection it has with the outside world, including internet connections, dial-up modems, and even physical access. To protect a network from malicious activity or outside intrusion, one has to be aware of all possible entry avenues, and each avenue should have at least some level of security to protect the system from outside intervention.

Solution

“A Neural Security Layer”

Based on the neural technologies proposed in this document, the idea of developing a Neural Security Layer comes to the fore as a way to curb the problems faced in securing a network. When expert security personnel use neural security applications to form a Neural Security Layer, it enables the enterprise to achieve a true defense-in-depth security architecture. Neural applications perform the analytic heavy lifting, enabling network and security personnel to devote more time to the tasks that will never be delivered by software or devices alone: eliminating vulnerabilities, optimizing network performance and serving the needs of end users.

Artificial Neural Networks (ANNs) as well as Fuzzy Systems (FSs) are increasingly being used in many intelligent system designs. Neural applications use complex mathematical algorithms to scour vast amounts of data and categorize it in much the same fashion as a human would. But neural applications can examine far more data in less time than a human can, bubbling up to the top those events that appear suspicious enough to warrant human attention.

As security administrators deal with these events, the actions they take are added to the knowledge base, enabling the neural system to continually “learn” more about its environment. Neural techniques seek to constantly classify all new events and highlight those that appear most threatening, allowing the security expert to be the final arbiter of what is and is not an actual threat. In the process, the system constantly updates itself, learning more about its environment.

Technologies including fuzzy clustering and kernel classifiers allow network security systems to continually learn about the environment in which they function. The system will identify events that are out of the ordinary and that have not already been classified as benign. In that fashion, such a network security apparatus allows the security professional to quickly home in on events that may be harmful, out of the thousands of events that occur each day or even each hour. The security professional can then take action, even if that action is only to classify the event into an established category, perhaps even one that requires no action.

Fuzzy clustering:
The neural technology works by “training” itself, creating a baseline profile of the network in various states to determine what happens under normal conditions. It determines what different users do: the resources they typically request, what types of files they transfer and so on. All those routine events are then grouped into clusters that represent normal activity.

Kernel classifiers:
Kernel classifiers are employed when an event or group of events comes along that cannot be neatly classified into an existing cluster. The classifiers use algorithms that allow the system to determine which cluster the event most likely belongs to. The algorithms are based on non-linear distribution laws, which use statistics to track what happens over extended periods of time.
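
The sketch below is an added illustration, not part of the original proposal: it builds clusters of normal activity with fuzzy c-means and then scores new events against those clusters. The two-feature event data, the Gaussian kernel, and the sigma and threshold values are assumptions chosen for the example; the proposal does not specify them.

```python
import math

# Constructed baseline events (requests/min, MB transferred), pre-scaled to 0-10.
BASELINE = [(1.0, 1.2), (1.3, 0.9), (0.8, 1.1), (1.1, 1.0),  # interactive users
            (6.0, 7.1), (6.4, 6.8), (5.9, 7.3), (6.2, 7.0)]  # nightly backups

def dist2(a, b):
    """Squared Euclidean distance between two feature vectors."""
    return sum((x - y) ** 2 for x, y in zip(a, b))

def memberships(p, centers, m=2.0):
    """Fuzzy c-means membership of p in every cluster; the values sum to 1."""
    inv = [(1.0 / max(dist2(p, c), 1e-12)) ** (1.0 / (m - 1.0)) for c in centers]
    total = sum(inv)
    return [v / total for v in inv]

def fuzzy_c_means(points, c=2, m=2.0, iters=50):
    """Learn c cluster centres that profile normal activity."""
    n, dims = len(points), len(points[0])
    centers = [points[i * n // c] for i in range(c)]  # deterministic start
    for _ in range(iters):
        w = [[u ** m for u in memberships(p, centers, m)] for p in points]
        centers = [tuple(sum(w[j][i] * points[j][k] for j in range(n)) /
                         sum(w[j][i] for j in range(n)) for k in range(dims))
                   for i in range(c)]
    return centers

def classify(event, centers, sigma=1.0, threshold=0.1):
    """Return (closest cluster, kernel score, needs_review) for a new event.

    A Gaussian kernel (an assumption of this example) scores similarity to each
    centre; an event whose best score is under threshold fits no known cluster.
    """
    scores = [math.exp(-dist2(event, c) / (2 * sigma ** 2)) for c in centers]
    best = max(range(len(centers)), key=scores.__getitem__)
    return best, scores[best], scores[best] < threshold

if __name__ == "__main__":
    centers = fuzzy_c_means(BASELINE)
    for event in [(1.2, 1.0), (6.1, 6.9), (9.5, 0.5)]:  # constructed test events
        print(event, classify(event, centers))
```

In the workflow the proposal describes, an event returned with needs_review set would go to the security administrator, whose decision is then added to the knowledge base.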