M. Rehák, J. Tozicka, M. Pechoucek, M. Prokopová, L. Foltýn
Title: Autonomous Protection Mechanism for Joint Networks in Coalition Operations
Published in: 2007 International Conference on Integration of Knowledge Intensive Multi-Agent Systems
Publication date: 2007-06-11
DOI: 10.1109/KIMAS.2007.369840 (https://doi.org/10.1109/KIMAS.2007.369840)
Citations: 4
Abstract
Any successful coalition cooperation requires an efficient communication network connecting the coalition members. Protection of this joint network requires special techniques, as it is highly dynamic and heterogeneous, and a joint network management team cannot always be established. To address the requirements for joint network protection, we propose a design of a highly autonomous, adaptive and decentralized agent-based mechanism for network intrusion detection and self-protection. The detection process is based on correlation of anomalies in network traffic with simple alarms raised by host-based intrusion detection components, in order to achieve a low false positive rate. The self-protection mechanism features distributed, policy-driven deployment of automatically generated filters. Our approach doesn't require any direct operator oversight, but all components are subject to policies established by their owners to prevent undesirable behavior or system misuse. The whole approach is validated in a high-level network model with a worm propagation scenario.