Abstract
D.Phil.
Computer-based information systems will probably always have to contend with security
issues. Much research have already gone into the field of information security.
These research results have yielded some very sophisticated and effective
security mechanisms and procedures. However, due to the ever increasing sophistication
of criminals, combined with the ever changing and evolving information
technology environment, some limitations still exist within the field of information
security.
Recent years have seen the proliferation of products embracing so-called artificial
intelligence technologies. These products are in fields as diverse as engineering,
business and medicine. The successes achieved in these fields pose the question
whether artificial intelligence has a role to play within the field of information security.
This thesis discusses limitations within information security and proposes ways in
which artificial intelligence can be effectively applied to address these limitations.
Specifically, the fields of authentication and risk analysis are identified as research
fields where artificial intelligence has much to offer. These fields are explored in the
context of their limitations and ways in which artificial intelligence can be applied to
address these limitations.
This thesis identifies two mainstream approaches in the attainment of artificial
intelligence. These mainstream approaches are referred to as the "traditional"
approach and the "non-traditional" approach. The traditional approach is based on
symbolic processing, as opposed to the non-traditional approach, which is based on
an abstraction of human reasoning. A representative technology from each of these
mainstream approaches is selected to research their applicability within information
security.
Actual working prototypes of artificial intelligence techniques were developed to
substantiate the results obtained in this research.