Abstract
The paper considers a multi-agent model of a computer network security system composed of autonomous knowledge-based agents that are distributed over the hosts of the protected network and cooperate to make integrated, consistent decisions. The paper focuses on the architecture, implementation and simulation of a case study that explores the distinctive features and potential advantages of using such an architecture for computer network protection. It describes the conceptual model and architecture of the individual specialized agents and of the system as a whole, as well as the implementation technology. The simulation scenario, the input traffic model and the peculiarities of the distributed security system's operation are described. Most attention is paid to the intrusion detection task and to the agents' interactions during detection of an attack against the computer network. The advantages of the proposed model of a computer network security system are discussed.
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gorodetski, V.I., Karsayev, O., Khabalov, A., Kotenko, I., Popyack, L.J., Skormin, V. (2001). Agent-Based Model of Computer Network Security System: A Case Study. In: Gorodetski, V.I., Skormin, V.A., Popyack, L.J. (eds) Information Assurance in Computer Networks. MMM-ACNS 2001. Lecture Notes in Computer Science, vol 2052. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45116-1_7
DOI: https://doi.org/10.1007/3-540-45116-1_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42103-0
Online ISBN: 978-3-540-45116-7
eBook Packages: Springer Book Archive