Detecting malicious groups of agents

2004 IEEE 1st Symposium on Multi-Agent Security and Survivability

Volumn , Issue , 2004, Pages 90-99

  Braynov, Sviatoslav ^a   Jadliwala, Murtuza ^b  

^a UNIVERSITY OF ILLINOIS AT SPRINGFIELD   (United States)

^b State Univ of New York at Buffalo ^*  (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COORDINATION GRAPHS; MULTIPLE MALICIOUS AGENTS; NEUTRAL AGENTS; SOFTWARE ROBOTS;

ALGORITHMS; DATABASE SYSTEMS; ELECTRONIC DOCUMENT IDENTIFICATION SYSTEMS; GRAPH THEORY; ROBOTS; SYNCHRONIZATION; WEBSITES;

MULTI AGENT SYSTEMS;

EID: 17644409790     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (40)

1. National Strategy to Secure Cyberspace. The White House, February 14, 2003.
2. C. Boutilier and R. Brafman. Partial-order planning with concurrent interacting actions. Journal of Artificial Intelligence Research, 14:105-136, 2001.
3. S. Braynov. On future avenues for distributed attacks. In Proceedings of the 2nd European Conference on Information Warfare and Security (ECIW), Reading, UK, 2003.
4. S. Braynov. On detecting malicious networks. In Proceedings of the 3nd European Conference on Information Warfare and Security (ECIW), London, UK, 2004.
5. S. Braynov and M. Jadliwala. Representation and analysis of coordinated attacks. In Formal Methods in Security Engineering: From Specifications to Code, Washington D.C., 2003.
6. H. Bui, S. Venkatesh, and G. West. Policy recognition in the abstract hidden Markov models. Journal of Artificial Intelligence Research, 17:451-499, 2002.
7. E. Charniak and R. Goldman. A bayesian model of plan recognition. Artificial Intelligence, 64(1):53-79, 1993.
8. P. Cohen, C. Perrault, and J. Allen. Beyond question answering. In W. Lehnert and M. Ringle, editors, Strategies for Natural Language Processing, pages 245-274. 1981.
9. E. Cole. Hackers be ware. New Riders, 2002.
10. F. Cuppens, F. Autrel, A. Miege, and S. Benferhat. Recognizing malicious intention in an intrusion detection process. In Second International Conference on Hybrid Intelligent Systems (HIS 2002), 2002.
11. F. Cuppens and A. Miege. Alert correlation cooperative intrusion detection framework. In Proceedings of the 2002 IEEE Symposium on Security and Privacy, pages 202-215, 2002.
12. F. Cuppens and R. Ortalo. LAMBDA: A language to model a database for detection of attacks. In the ACM Workshop on data mining for security applications, pages 1-13, 2001.
13. O. Dain and R. Cunningham. Fusing a heterogeneous alert stream into scenarios. In DARPA Information Survivability Conference and Exposition, pages 146-161, Anaheim, California, 2001.
14. S. Eckmann, G. Vigna, and R. Kemmerer. STATL: An attack language for state-based intrusion detection, 2000.
15. J. Eilbert, D. Carmody, D. Fu, T. Santarelli, D. Wischusen, and J. Donmoyer. Reasoning about adversarial intent in asymmetric situations. In In Proceedings of the AAAI Fall Symposium on Intent Inference for Users, Teams, and Adversaries, North Falmouth, Massachusetts, 2002.
16. C. Geib and R. Goldman. Plan recognition in intrusion detection systems. In DARPA Information Survivability Conference and Exposition (DISCEX II'01), pages 46-55, 2001.
17. A. Householder, K. Houle, and C. Dougherty. Computer attack trends challenge internet security. Security and Privacy, 1, 2002.
18. Intersect Alliance. Snare host based intrusion detection agent for Linux, 2004.
19. S. Jha, O. Sheyner, and J.Wing. Two formal analysis of attack graphs. In Computer Security Foundations Workshop (CSFW), pages 49-63, Nova Scotia, Canada, 2002.
20. S. Jha and J. Wing. Survivability analysis of networked systems. In International Conference on Software Engineering, pages 307-317, Toronto, Canada, 2001.
21. G. Kaminka, D. Pynadath, and M. Tambe. Monitoring teams by overhearing: A multi-agent plan-recognition approach. Journal of Artificial Intelligence Research, 17:83-135, 2002.
22. H. Kautz and J. Allen. Generalized plan recognition. In In Proceedings of AAAI-86, pages 32-37, 1986.
23. C. Ko, M. Ruschitzka, and K. Levitt. Execution monitoring of security-critical programs in distributed systems: A specification-based approach. In IEEE Symposium on Security and Privacy, pages 175-187, 1987.
24. L. Lamport. Time, clocks, and the ordering of events in a distributed system. Communications of the ACM, pages 558-565, 1978.
25. U. Lindqvist and P. Porras. Detecting computer and network misuse through the production-based expert system toolset (p-best). In Proceedings of the 1999 IEEE Symposium on Security: and Privacy, pages 146-161, Oakland, California, 1999.
26. Linux Security Module. Information-technology promotion agency, Japan, http://www.ipa.go.jp/stc/ida/download.html, 2003.
27. P. Ning, Y. Cui, and D. Reeves. Constructing attack scenarios through correlation of intrusion alerts. In The ACM Conference on Communication and Computer Security, 2002.
28. P. Ning, D.Xu, C. Healey, and R. Amant. Building attack scenarios through integration of complementary alert correlation methods. In in Proceedings of the 11th Annual Network and Distributed System Security Symposium (NDSS '04), pages 97-111, 2004.
29. P. Ning and D. Xu. Learning attack strategies from intrusion alerts. In The ACM Conference on Communication and Computer Security, pages 200-209, 2003.
30. S. Northcutt and J.Novak. Network Intrusion Detection. New Riders, 2002.
31. C. Phillips and L. Swiler. A graph-based system for network-vulnerability analysis. In Proceedings of the 1998 Workshop on New Security Paradigms, pages 71-79, 1998.
32. P. Porras. STAT: A state transition analysis tool for intrusion detection. Master's Thesis, Computer Science Department, Univ. of California, Santa Barbara, 1992.
33. D. Pynadath and M. Wellman. Probabilistic state-dependent grammars for plan recognition. In Proceedings of the 16th Annual Conference on Uncertainty in Artificial Intelligence, pages 507-514, 2000.
34. Restore Exploit. http://www.securiteam.com/exploits/6u0061f0ak.html, 2004.
35. B. Schneier. Attack trees: Modelling security threats. Dr. Dobb's Journal, December, 1999.
36. L. Spitzner. Honeypot Technologies Inc. Personal communication, 2003.
37. S. Staniford, J. Hoagland, and J. McAlerney. Practical automated detection of stealthy portscans. Journal of Computer Security, 10:105-136, 2002.
38. Sun Microsystem. Sun Security and Auditing, SunSHIELD Basic Security Module, November 1993.
39. S. Templeton and K. Levitt. A requires/provides model for computer attacks. In New Security Paradigms Workshop, pages 31-38, 2000.
40. A. Valdes and K. Skinner. Probabilistic alert correlation. In In Proceedings of RAID 2001, pages 54-68, 2001.