Cyber Threat Analysis with Structured Probabilistic Argumentation

GERARDO I. SIMARI; GUILLERMO R. SIMARI; MARIO A. LEIVA; PAULO SHAKARIAN

Rende

Workshop; 3rd Workshop on Advances in Argumentation in Artificial Intelligence (AI^3 2019); 2019

Capturing the uncertain aspects in cyber threat analyses is an important part of a wide range of e orts, including diagnostics, threat evaluation, and preventing attacks. However, there has been insucient research and development of modeling approaches that are able to correctly capture and handle such uncertainty. In this work, we present an application example of the DeLP3E framework|a formalism that extends structured argumentation based on logic programming|in the domain of cyber threat analysis; in particular, near real-time analyses such as incident response in enterprise networks. The DeLP3E framework provides a unique combination of dialectical reasoning, rule-based inference, and probabilistic modeling to not only o er suggested responses to given situations, but also to explain to the analyst why the system reaches its conclusions.