Rule+exception strategies for security information analysis

4 Author(s)
Yiyu Yao ; Dept. of Comput. Sci., Regina Univ., Sask., Canada ; Fei-Yue Wang ; D. Zeng ; Jue Wang

Broadly defined, intelligence and security informatics is "the study of the use and development of advanced information technologies, systems, algorithms, and databases for national- and homeland-security-related applications". Processing security-related information is a critical component of ISI research, which involves studying a wide range of technical and systems challenges related to the acquisition, collection, storage, retrieval, synthesis, analysis, visualization, presentation, and understanding of security-related information. Our research aims to develop a unified data description and understanding framework to enable discovery of useful knowledge and events from data sets related to international, homeland, or other types of security. In particular, this article focuses on a common security information analysis task: how to develop an efficient knowledge representation framework and related automated learning and mining mechanisms to describe and identify abnormal situations or behavior. We advocate the use of a specific knowledge representation and data mining framework based on rules and exceptions for analysis of security-related information. In this rule+exception framework, normal and abnormal situations or behaviors occur as pairs of dual entities: rules succinctly summarize normal situations, and exceptions characterize abnormal situations. The rule+exception approach (which closely resembles how humans understand, organize, and use knowledge) has the potential to evolve into a unified, multilevel data description and understanding framework applicable across many security informatics applications.

Published in:

IEEE Intelligent Systems (Volume: 20, Issue: 5)