论文信息 - AGNOSCO - Identification of Infected Nodes with artificial Ant Colonies

AGNOSCO - Identification of Infected Nodes with artificial Ant Colonies

If a computer node is infected by a virus, worm or a backdoor, then this is a security risk for the complete network structure where the node is associated. Existing Network Intrusion Detection Systems (NIDS) provide a certain amount of support for the identification of such infected nodes but suffer from the need of plenty of communication and computational power. In this article, we present a novel approach called AGNOSCO to support the identification of infected nodes through the usage of artificial ant colonies. It is shown that AGNOSCO overcomes the communication and computational power problem while identifying infected nodes properly.

Michael Hilker | Christoph Schommer

[1] J. Deneubourg,et al. How Trail Laying and Trail Following Can Solve Foraging Problems for Ant Colonies , 1990 .

[2] Eugene H. Spafford,et al. Intrusion detection using autonomous agents , 2000, Comput. Networks.

[3] Marco Dorigo,et al. Distributed Optimization by Ant Colonies , 1992 .

[4] Martin Roesch,et al. Snort - Lightweight Intrusion Detection for Networks , 1999 .

[5] Marc Dacier,et al. Towards a taxonomy of intrusion-detection systems , 1999, Comput. Networks.

[6] Marco Dorigo,et al. Ant system: optimization by a colony of cooperating agents , 1996, IEEE Trans. Syst. Man Cybern. Part B.

[7] Stephanie Forrest,et al. Immunity by design: an artificial immune system , 1999 .

[8] Michael Hilker,et al. Description of bad-signatures for network intrusion detection , 2006, ACSW.

[9] Stephanie Forrest,et al. Architecture for an Artificial Immune System , 2000, Evolutionary Computation.

[10] Leslie Lamport,et al. The Byzantine Generals Problem , 1982, TOPL.

[11] Biswanath Mukherjee,et al. DIDS (distributed intrusion detection system)—motivation, architecture, and an early prototype , 1997 .