基于多智能体系统的新型协同入侵检测体系结构

2015 International Conference on Wireless Networks and Mobile Communications (WINCOM) Pub Date : 2015-10-01 DOI:10.1109/WINCOM.2015.7381338

M. E. Ajjouri, S. Benhadou, H. Medromi

{"title":"基于多智能体系统的新型协同入侵检测体系结构","authors":"M. E. Ajjouri, S. Benhadou, H. Medromi","doi":"10.1109/WINCOM.2015.7381338","DOIUrl":null,"url":null,"abstract":"The Intrusion Detection System architectures used in commercial and research systems have a number of problems that limit their configurability. An important problem of agents: learning is not used. The concept of learning in existing IDSs used in general to learn the normal behavior of the system to secure. Thus, the IDS does not have the ability to detect new attacks. We propose in this paper a new architecture for intrusion detection based in multi agent systems adding a learning feature abnormal behaviors that correspond to new attack patterns. We present the motivation and description of the approach, for the detection step, the approach adopted is based on the technique of Case-Based Reasoning (CBR). The proposed architecture is based on a hierarchical and distributed strategy separated into three layers. We focus after on the modeling of our Multi agent systems Architecture, for reasons of simplicity, we use the methodology O-MaSE.","PeriodicalId":389513,"journal":{"name":"2015 International Conference on Wireless Networks and Mobile Communications (WINCOM)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"New collaborative intrusion detection architecture based on multi agent systems\",\"authors\":\"M. E. Ajjouri, S. Benhadou, H. Medromi\",\"doi\":\"10.1109/WINCOM.2015.7381338\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Intrusion Detection System architectures used in commercial and research systems have a number of problems that limit their configurability. An important problem of agents: learning is not used. The concept of learning in existing IDSs used in general to learn the normal behavior of the system to secure. Thus, the IDS does not have the ability to detect new attacks. We propose in this paper a new architecture for intrusion detection based in multi agent systems adding a learning feature abnormal behaviors that correspond to new attack patterns. We present the motivation and description of the approach, for the detection step, the approach adopted is based on the technique of Case-Based Reasoning (CBR). The proposed architecture is based on a hierarchical and distributed strategy separated into three layers. We focus after on the modeling of our Multi agent systems Architecture, for reasons of simplicity, we use the methodology O-MaSE.\",\"PeriodicalId\":389513,\"journal\":{\"name\":\"2015 International Conference on Wireless Networks and Mobile Communications (WINCOM)\",\"volume\":\"3 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 International Conference on Wireless Networks and Mobile Communications (WINCOM)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WINCOM.2015.7381338\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 International Conference on Wireless Networks and Mobile Communications (WINCOM)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WINCOM.2015.7381338","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

商业和研究系统中使用的入侵检测系统架构存在许多限制其可配置性的问题。智能体的一个重要问题是:学习没有用。学习的概念在现有的ids中一般用于学习系统的正常行为以确保安全。因此，IDS不具备检测新攻击的能力。本文提出了一种新的基于多智能体系统的入侵检测体系结构，该体系结构增加了一个学习特征，即与新的攻击模式相对应的异常行为。给出了该方法的动机和描述，在检测步骤中，采用基于案例推理(Case-Based Reasoning, CBR)的方法。所提出的体系结构基于分层和分布式策略，分为三层。之后，我们将重点放在多代理系统体系结构的建模上，为了简单起见，我们使用了O-MaSE方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

New collaborative intrusion detection architecture based on multi agent systems

The Intrusion Detection System architectures used in commercial and research systems have a number of problems that limit their configurability. An important problem of agents: learning is not used. The concept of learning in existing IDSs used in general to learn the normal behavior of the system to secure. Thus, the IDS does not have the ability to detect new attacks. We propose in this paper a new architecture for intrusion detection based in multi agent systems adding a learning feature abnormal behaviors that correspond to new attack patterns. We present the motivation and description of the approach, for the detection step, the approach adopted is based on the technique of Case-Based Reasoning (CBR). The proposed architecture is based on a hierarchical and distributed strategy separated into three layers. We focus after on the modeling of our Multi agent systems Architecture, for reasons of simplicity, we use the methodology O-MaSE.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2015 International Conference on Wireless Networks and Mobile Communications (WINCOM)

自引率

0.00%

发文量