论文信息 - Multi-agent system vulnerability detector for a secured E-learning environment

Multi-agent system vulnerability detector for a secured E-learning environment

Information and communication systems have several security vulnerabilities. In addition, conventional security software requires tuning effort and may not be able to detect many web attacks. For this reasons, security becomes a worldwide objective to many technological systems including Learning Management Systems (LMSs) such as Moodle. In this work, we propose a secured multi agent system (MAS) with an interceptor IIS module (IIISM) which denies malicious user access by adding a security layer to any web application including the LMS Moodle environment. The IIISM extends the IIS Server and listens to any http request targeting the web application and the LMS Moodle. While, the analysis and the design of the MAS architecture are based on the Gaia methodology, the agents were implemented using the JADE agents' middleware. This security layer overcomes the hacker attack based on the SQL injection and the cross site scripting for Moodle environment. In a first scenario, a student is requesting a course, the MAS validate this request, and the web page is displayed normally. A second scenario presents the URL and form based for the SQL injection attack by a hacker. The MAS agents detect the attack and and they respond by a denial of access to this malicious user. Moreover, this proposed security layer can be easily extended to include other security detection modules which correspond to common web vulnerabilities.

Ali El Hajj | Farid El Hajj | Rima Abdallah Chehade | A. El Hajj | Farid El Hajj

[1] Nicholas R. Jennings,et al. The Gaia Methodology for Agent-Oriented Analysis and Design , 2000, Autonomous Agents and Multi-Agent Systems.

[2] Hüseyin Çakir,et al. Applications of Artificial Intelligence Techniques to Combating Cyber Crimes: A Review , 2015, ArXiv.

[3] Scott A. DeLoach,et al. An Overview of the Multiagent Systems Engineering Methodology , 2000, AOSE.

[4] Abder Koukam,et al. Towards an Agent-Oriented Modeling and Evaluation Approach For Vehicular Systems Security , 2014, ArXiv.

[5] Fausto Giunchiglia,et al. The tropos software development methodology: processes, models and diagrams , 2002, AAMAS '02.

[6] José Helano Matos Nogueira. Mobile Intelligent Agents to Fight Cyber Intrusions , 2006 .

[7] Michael Winikoff,et al. Prometheus: a methodology for developing intelligent agents , 2002, AAMAS '02.

[8] Nikolaos I. Spanoudakis,et al. Engineering JADE Agents with the Gaia Methodology , 2002, Agent Technologies, Infrastructures, Tools, and Applications for E-Services.

[9] Kamlesh Dutta,et al. INVESTIGATION ON SECURITY IN LMS MOODLE , 2011 .

[10] Khanh Hoa Dam,et al. Evaluating and Comparing Agent-Oriented Software Engineering Methodologies , 2003 .

[11] Nathan Griffiths,et al. GAOOLE: a Gaia design of agent-based online collaborative learning environment , 2009 .

[12] Ciobanu Costinela-Luminiţa,et al. E-learning Security Vulnerabilities , 2012 .