An Intrusion Detection and Prevention Model Based on Intelligent Multi-Agent Systems, Signatures and Reaction Rules Ontologies

Distributed Intrusion Detection Systems (DIDS) have been integrated with other techniques to incorporate some degree of adaptability. For instance, combining IDS with intelligent techniques facilitates the automatic generation of new signatures, which allows this hybrid approach to detect and prevent unknown attack patterns. Additionally, agent-based architectures offer capabilities such as autonomy, reactivity, pro-activity, mobility and rationality that are desirable in IDSs. This paper presents an intrusion detection and prevention model that integrates an intelligent multi-agent system. The knowledge model is designed and represented with ontological signatures, an ontology rule representation for intrusion detection and prevention, and event correlation.
