This is the capstone project of the MITS program at CMU.
Scone is an open-source knowledge-base (KB) system designed to be integrated into different software applications. It provides a set of rules for representing symbolic knowledge about the world, together with efficient search and inference algorithms over the knowledge base. In the long run, Scone is intended to become a standard component for people writing knowledge-based software: a knowledge base could be used in as many different ways as databases are used today.
In this project, we want to apply Scone to a security scenario, specifically the field of incident management. Incident management includes detecting and responding to computer security incidents as well as protecting critical data and systems to prevent incidents from happening. Responding to computer security incidents does not happen in isolation. Actions taken to prevent or mitigate ongoing and potential computer security events and incidents can involve tasks performed by a wide range of participants across the enterprise. Given the complexity of the task, we want to use the inference power of the Scone system to detect, analyze, and respond to computer security incidents effectively.