An intrusion detection and prevention model based on intelligent multi-agent systems, signatures and reaction rules ontologies

Advances in Intelligent and Soft Computing

Volumn 55, Issue , 2009, Pages 237-245

  Isaza, Gustavo A ^a   Castillo, Andrés G ^b   Duque, Néstor D ^c  

^a UNIVERSIDAD DE CALDAS   (Colombia)

^b UNIVERSIDAD PONTIFICIA DE SALAMANCA   (Spain)

^c UNIVERSIDAD NACIONAL DE COLOMBIA   (Colombia)

Author keywords

Correlation alarms; Intelligent Security; Intrusion Detection Systems; Intrusion Prevention; Multi agent systems; Ontology

Indexed keywords

AUTONOMOUS AGENTS; COMPUTER CRIME; INTELLIGENT AGENTS; INTRUSION DETECTION; NETWORK SECURITY; ONTOLOGY;

AGENT BASED ARCHITECTURES; DISTRIBUTED INTRUSION DETECTION SYSTEMS; INTELLIGENT MULTI AGENT SYSTEMS; INTELLIGENT SECURITY; INTELLIGENT TECHNIQUES; INTRUSION DETECTION AND PREVENTION; INTRUSION DETECTION SYSTEMS; INTRUSION PREVENTION;

MULTI AGENT SYSTEMS;

EID: 85006340454     PISSN: 18675662     EISSN: 18600794     Source Type: Book Series    
DOI: 10.1007/978-3-642-00487-2_25     Document Type: Conference Paper

References (36)

1. McHugh, J.: Intrusion and Intrusion Detection. International Journal of Information Security 1(1), 14–35 (2001)
2. Dasgupta, D., Gonzalez, F., Yallapu, K., Gomez, J., et al.: CIDS: An agent-based intrusion detection system. Computer and Security: Science Direct 24(5), 387–398 (2005)
3. Boukerche, A., Machado, R., Juc, K.: An agent based and biological inspired real-time intrusion detection and security model for computer network operations. Butterworth-Heinemann, 2649–2660 (2007)
4. Al-Hamami, A.H., Hashem, S.H.: A Proposed Multi-Agent System for Intrusion Detection System in a Complex Network. In: Information and Communication Technologies, ICTTA 2006, vol. 2, pp. 3552–3556 (2006)
5. Spafford, E., Zamboni, D.: Intrusion detection using autonomous agents. Computer Networks 34(4), 547–570 (2000)
6. Orfila, A., Carbo, J., Ribagorda, A.: Autonomous decision on intrusion detection with trained BDI agents. Butterworth-Heinemann, 1803–1813 (2008)
7. Herrero, A., Corchado, E., Pellicer, M., Abraham, A.: Hybrid Multi Agent-Neural Network Intrusion Detection with Mobile Visualization in Innovations in Hybrid Intelligent Systems, pp. 320–328. Springer, Heidelberg (2008)
8. Spafford, E.: Autonomous Agents for Intrusion Detection. Purdue CERIAS Center for Education and Research in Information Assurance and Security. Consulted (2008), http://www.cerias.purdue.edu/about/history/coast/projects/aafid.php
9. Ning, P.: Probalistic states in Network Security. North Carolina State University (2003)
10. Eid, M.: A New Mobile Agent-Based Intrusion detection System Using distributed Sensors. In: Proceeding of FEASC, pp. 114–125 (2004)
11. Golovko, V., Kachurka, P., Vaitsekhovich, L.: Neural Network Ensembles for Intrusion Detection. In: 4th IEEE Workshop on Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications, IDAACS 2007, pp. 578–583 (2007)
12. Oksuz, A.: Phd Thesis Unsupervised Intrusion Detection System. Informatics and Mathematical Modelling, Technical University of Denmark (2007)
13. Laskov, P., Dussel, P., Schafer, C., Rieck, K.: Learning intrusion detection: Supervised or unsupervised? In: Roli, F., Vitulano, S. (eds.) ICIAP 2005. LNCS, vol. 3617, pp. 50–57. Springer, Heidelberg (2005)
14. Duque, N., Bonilla, C.M., Bohorquez, D., Isaza, G.: Sistema Neuronal de Detección de Intrusos. In: Zapata, C.M.y.G. (ed.) Tendencias en Ingeniería de Software e Inteligencia Artificial, G.M: Medellin (Colombia), vol. 2, pp. 99–105 (2008)
15. Abadeh, M., Habibi, J., Barzegar, Z., Sergi, M.: A parallel genetic local search algorithm for intrusion detection in computer networks, pp. 1058–1069. Pergamon Press, Inc., Oxford (2007)
16. Ye, N., Li, X., Emran, S.: Decision Tree for Signature Recognition and State Classification. In: IEEE Systems, Man, and Cybernetics Information Assurance and Security Workshop, West Point, New York, pp. 194–199 (2000)
17. Garcia, P.: Intensive Use of Bayesian Belief Networks for the Unified, Flexible and Adaptable Analysis of Misuses and Anomalies in Network Intrusion Detection and Prevention Systems. In: Proceedings of the 18th International Conference on Database and Expert Systems Applications. IEEE Computer Society, Los Alamitos (2007)
18. Kumar, S.: Classification and Detection of Computer Intrusions. Department of Computer Sciences. Purdue University, Purdue (1995)
19. Li, K., Teng, G.: Unsupervised SVM Based on p-kernels for Anomaly Detection. In: Proceedings of the First International Conference on Innovative Computing, Information and Control, vol. 2. IEEE Computer Society, Los Alamitos (2006)
20. Zurutuza, U., Uribeetxeberria, R., Fernández, I., Zamboni, D.: Un marco inteligente para el análisis de tráfico generado por gusanos en internet. In: XRECSI X Reunión Espanola sobre Criptología y Seguridad de la Información, Salamanca, pp. 607–618 (2008)
21. Zurutuza, U., Uribeetxeberria, R., Azketa, E., Gil, G., et al.: Combined Data Mining Approach for Intrusion Detection. In: International Conference on Security and Criptography, Barcelona, Spain (2008)
22. Mukkamala, S., Sung, A.H., Abraham, A.: Intrusion detection using an ensem-ble of intelligent paradigms. Journal of Network and Computer Applications 28(2), 167–182 (2005)
23. Tsang, C., Kwong, S., Wang, H.: Genetic-fuzzy rule mining approach and evaluation of feature selection techniques for anomaly intrusion detection, pp. 2373–2391. Elsevier Science Inc., Amsterdam (2007)
24. Undercoffer, J., Joshi, A., Pinkston, J.: Modeling Computer Attacks: An Ontology for Intrusion Detection. In: Vigna, G., Krügel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 113–135. Springer, Heidelberg (2003)
25. Undercoffer, J., Finin, T., Joshi, A., Pinkston, J.: A target centric ontology for intrusion detection: using DAML+OIL to classify intrusive behaviors. In: Knowledge Engineering Review - Special Issue on Ontologies for Distributed Systems, pp. 2–22. Cambridge University Press, Cambridge (2005)
26. Mandujano, S., Galvan, A., Nolazco, J.: An ontology-based multiagent approach to outbound intrusion detection. In: The 3rd ACS/IEEE International Conference on Computer Systems and Applications, p. 94 (2005)
27. Castillo, A.: Modelos y Plataformas de Agentes Software Móviles e Inteligentes para Gestión del Conocimiento en el Contexto de las Tecnologías de la Información, Departamento de Informática, Universidad Pontificia de Salamanca, Madrid (2004)
28. Perez, C., Isaza, G., Brito, J.: Aplicación de Redes Neuronales para la detección de intrusos en redes y sistemas de información. Scientia et Technica XI(27), 225–230 (2005)
29. Math Works. Neural Network ToolboxTM 6.0 Design and simulate neural networks. Consulted: 2008 (2008), http://www.mathworks.com/products/neuralnet/
30. Fischer, I., Hennecke, F., Bannes, C., Zell, A.: User Manual, versión 1.1 of JAVA-NNS (Java Neural Network Simulator), University of Tübingen, Wilhelm-Schickard-Institute for Computer Science, Department of Computer Architecture (2002)
31. DARPA. DARPA Intrusion Detection Evaluation, The 1999 DARPA off-line intrusion detection evaluation, LINCOLN LABORATORY Massachusetts Institute of Technology. Consulted (2008), http://www.ll.mit.edu/IST/ideval/data/1999/1999_data_index.html
32. Herve, C.: IDSWakeUP. Consulted: 2008 (2002), http://www.hsc.fr/ressources/outils/idswakeup/index.html.en
33. Mutz, D., Vigna, G., Kemmerer, R.: An Experience Developing an IDS Stimulator for the Black-Box Testing of Network Intrusion Detection Systems, Department of Computer Science University of California, Santa Barbara (2003)
34. LuigiBellifemine, F., Caire, G., Greenwoo, D.: Developing Multi-Agent Systems with JADE. Wiley Series in Agent Technology, vol. 2008 (2007)
35. Curry, D.A., Debar, H., Feinstein, B.S.: Intrusion Detection Message Exchange Format. Intrusion Detection Working Group – Internet Engineering Task Force, Internet Draft (2004)
36. JENA. Jena – A Semantic Web Framework for Java. Consulted: Enero 2008 (2007), http://jena.sourceforge.net/