A multi-agent cooperative model and system for integrated security monitoring

Authors:
Xianxian Li;Lijun Liu
Affiliations:
School of Computer Science and Engineering, Beihang University, Beijing, China;School of Computer Science and Engineering, Beihang University, Beijing, China
Venue:
CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
Year:
2006

Citing 9
Cited 0

The base-rate fallacy and its implications for the difficulty of intrusion detection

CCS '99 Proceedings of the 6th ACM conference on Computer and communications security
Towards a taxonomy of intrusion-detection systems

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Implementing a distributed firewall

Proceedings of the 7th ACM conference on Computer and communications security
An Intelligent Agent-based Model for Security Management

ISCC '02 Proceedings of the Seventh International Symposium on Computers and Communications (ISCC'02)
The Multi-Agent Systems for Computer Network Security Assurance: Frameworks and Case Studies

ICAIS '02 Proceedings of the 2002 IEEE International Conference on Artificial Intelligence Systems (ICAIS'02)
Intranet Security with Micro-Firewalls and Mobile Agents for Proactive Intrusion Response

ICCNMC '01 Proceedings of the 2001 International Conference on Computer Networks and Mobile Computing (ICCNMC'01)
Modelling a flexible network security systems using multi-agents systems: security assessment considerations

ISICT '03 Proceedings of the 1st international symposium on Information and communication technologies
A cooperative agent-based model for active security systems

Journal of Network and Computer Applications
IDReAM: intrusion detection and response executed with agent mobility architecture and implementation

Proceedings of the fourth international joint conference on Autonomous agents and multiagent systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

The increasing complexity of various network threats has made the integration and cooperation of multiple security monitoring technologies necessary in network security defense. However, most existing works have focused on certain special monitoring technologies such as intrusion detection, and studies on integrated security monitoring system are quite insufficient. In this paper, a novel formal model called MCSM (Multi-agent Cooperation model for Security Monitoring based on knowledge) is proposed. In MCSM, the integrated security monitoring is modeled as a FSA (Finite State Automata) with multiple agents, and a general knowledge structure for multiple agents is constructed. We have successfully developed an IMS (Integrated Monitoring System) called ACT-BroSA (Broad-spectrum security Scan and Analysis system) based on MCSM. Results of experiments show that the integrated monitoring capability is significantly improved.