Application of Belief-Desire-Intention Agents in Intrusion Detection & Response

Current intrusion detection technologies have several major shortcomings. Using intelligent agents for intrusion detection and response is expected to improve the current state of the technology. Previous research has mostly focused on distributing detection and response functions across one or several domains rather than on the intelligent behavior of the agents. We explain the design and implementation of Belief-Desire-Intention agents, which operate on their (possibly imperfect) beliefs about the current status of the network and use their predefined plans and capabilities to cope with real-world intrusion detection and automated response problems. The agents are context-sensitive, so they accommodate changes in the network status, and they are capable of re-planning to recover from failures.
