Agent-Based Simulation Of Distributed Defense Against Computer Network Attacks

The paper describes the agent-based approach and software environment (based on OMNeT++ INET Framework) developed for simulation of distributed defense mechanisms which can be deployed in the Internet for counteraction to computer network attacks. According to the approach suggested, the cybernetic counteraction of “bad guys” and security systems is represented by the interaction of different agent teams. The main components of the software environment are outlined. One of the experiments on protection against attacks “Distributed Denial of Service” is described.

[1]  Milind Tambe,et al.  Towards Heterogeneous Agent Teams , 2001, EASSS.

[2]  Sarit Kraus,et al.  Collaborative Plans for Complex Group Action , 1996, Artif. Intell..

[3]  Shigang Chen,et al.  Perimeter-based defense against high bandwidth DDoS attacks , 2005, IEEE Transactions on Parallel and Distributed Systems.

[4]  Kang G. Shin,et al.  Hop-count filtering: an effective defense against spoofed DDoS traffic , 2003, CCS '03.

[5]  Jelena Mirkovic,et al.  Distributed Defense Against DDoS Attacks , 2004 .

[6]  Wanlei Zhou,et al.  An Active Distributed Defense System to Protect Web Applications from DDOS Attacks , 2004, iiWAS.

[7]  Riccardo Bettati,et al.  A Gateway-based Defense System for Distributed DoS Attacks in High-Speed Networks , 2001 .

[8]  I. Kotenko,et al.  The control of teams of autonomous objects in the time-constrained environments , 2002, Proceedings 2002 IEEE International Conference on Artificial Intelligence Systems (ICAIS 2002).

[9]  John Yen,et al.  Modeling and simulating human teamwork behaviors using intelligent agents , 2004 .

[10]  John Yen,et al.  CAST: Collaborative Agents for Simulating Teamwork , 2001, IJCAI.

[11]  Ramesh Govindan,et al.  COSSACK: Coordinated Suppression of Simultaneous Attacks , 2003, Proceedings DARPA Information Survivability Conference and Exposition.

[12]  Milind Tambe,et al.  Towards Flexible Teamwork , 1997, J. Artif. Intell. Res..

[13]  Angelos D. Keromytis,et al.  SOS: an architecture for mitigating DDoS attacks , 2004, IEEE Journal on Selected Areas in Communications.

[14]  Kotagiri Ramamohanarao,et al.  Protection from distributed denial of service attacks using history-based IP filtering , 2003, IEEE International Conference on Communications, 2003. ICC '03..

[15]  Patrick Brézillon,et al.  Lecture Notes in Artificial Intelligence , 1999 .