Many real world security and digital forensics tasks involve the analysis of large amounts of data and the need to be able to classify parts of that data into sets that are not well or even easily defined. Rule based systems can work well and efficiently for simple scenarios where the security or forensics incident can be well specified. However, such systems do not cope as well where there is uncertainty, where the IT system under consideration is complex or where there is significant and rapid change in the methods of attack or compromise. Artificial Intelligence (AI) is an area of computer science that has concentrated on pattern recognition and in this extended abstract we highlighted some of the main themes in AI and their appropriateness for use in a security and digital forensics context.
- Knowledge Representation
- Domain Ontology
- Exploratory Data Analysis
- Artificial Intelligence Technique
- Bidirectional Associative Memory