Multiagent Systems for Network Intrusion Detection: A Review

Intrusion Detection Systems (IDSs) are increasingly seen as an important component of comprehensive security solutions. IDSs are therefore common elements in modern infrastructures, where they are used to enforce network policies. Many techniques have been applied to the detection of intrusions so far, and they have been reported in many surveys. This work focuses on the development of network-based IDSs from an architectural point of view, in which multiagent systems are applied to the development of IDSs, and presents an up-to-date review of the state of the art.
