Artificial intelligence (AI) security company S2W said a study conducted jointly with researchers at the Korea Advanced Institute of Science and Technology (KAIST) was published in an international academic journal.

S2W said on the 8th that a paper related to its research on a "framework for identifying the root causes of network intrusions" was accepted by Computers & Security. The journal is an information technology (IT) security journal published by Elsevier, a global company responsible for academic research publishing and information analysis in the science, technology, and medicine fields.

The study focuses on identifying and analyzing the underlying causes of, and relationships between, the various security issues that occur in complex network environments. While existing security research has mainly focused on methods for detecting system anomalies, this paper instead focuses on constructing a chronology of network events to trace the origin of the attacks that triggered security incidents.

The researchers proposed an analytical method that models various elements that occur on the network—such as events, policy changes, and system states—in the form of a knowledge graph to represent relationships between incidents and identify the starting point of attacks. In addition, by deriving the root of the problem based on explainable quantitative criteria through inference grounded in "probabilistic logic," the team implemented a framework that goes beyond fragmentary log analysis to structurally understand the causes of security incidents.
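A small illustration of the approach described above, added here and not taken from the paper or from S2W's product: events, policy changes and system states become graph nodes, causal links carry a probability, and the most probable chain leading back from the incident is reported for each candidate origin. The node names, timestamps, probabilities and the max-product scoring rule are all assumptions; the page does not give the paper's actual model.

```python
# Constructed sample graph (assumption): node -> (kind, timestamp)
NODES = {
    "fw_rule_relaxed":   ("policy_change", 1),
    "vpn_login_new_geo": ("event", 2),
    "ssh_exposed":       ("state", 3),
    "admin_session":     ("event", 4),
    "bruteforce_alerts": ("event", 5),
    "db_export":         ("event", 6),  # the incident under investigation
}
# Constructed causal edges (assumption): (cause, effect, P(cause led to effect))
EDGES = [
    ("fw_rule_relaxed", "ssh_exposed", 0.9),
    ("ssh_exposed", "bruteforce_alerts", 0.7),
    ("bruteforce_alerts", "db_export", 0.3),
    ("vpn_login_new_geo", "admin_session", 0.8),
    ("admin_session", "db_export", 0.6),
    ("ssh_exposed", "admin_session", 0.2),
]

def rank_root_causes(nodes, edges, incident):
    """Return [(score, path)] per candidate origin, most probable first.

    score is the product of edge probabilities along the best chain from
    that origin to the incident; the path itself is the explanation.
    """
    parents = {}
    for cause, effect, p in edges:
        # Chronology: a cause must precede its effect. Dropping edges that
        # violate this also guarantees the graph is acyclic.
        if nodes[cause][1] < nodes[effect][1]:
            parents.setdefault(effect, []).append((cause, p))

    def best_paths(node):
        # Maps each origin reaching `node` to (score, path origin -> node).
        if node not in parents:
            return {node: (1.0, [node])}
        out = {}
        for cause, p in parents[node]:
            for root, (score, path) in best_paths(cause).items():
                cand = (score * p, path + [node])
                if root not in out or cand[0] > out[root][0]:
                    out[root] = cand
        return out

    return sorted(best_paths(incident).values(), key=lambda r: -r[0])

if __name__ == "__main__":
    for score, path in rank_root_causes(NODES, EDGES, "db_export"):
        print(f"{score:.3f}  " + " -> ".join(path))
```

Each result pairs a numeric score with the chain of nodes that produced it, so an analyst can see why one origin outranks another rather than receiving only an anomaly flag.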

Lee Seung-hyun, head of S2W's SAIP product division, said, "We will continue to advance our technology research and platform based on controllable AI so that we can effectively support the multifaceted and high-level decision-making challenges faced by public and private organizations, and we will gradually expand the scope of the solution's application."
