IDReAM: Intrusion Detection and Response Executed with Agent Mobility

The Conceptual Model Based on Self-Organizing Natural Systems

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 3464)

Abstract

Much current research in Intrusion Detection and Intrusion Response seeks new solutions to counter new intrusive behaviors. One of the principal weaknesses of these systems is the lack of robustness inherent in their centralized nature. Even though most existing Intrusion Detection and Response Systems (IDRSystems) use distributed data collection (host-based or network-based), many of them continue to perform data analysis centrally, thereby limiting scalability. Moreover, even if the IDRSystem is distributed in the network, its deployed elements generally remain static. With the means available to modern attackers, such as automated intrusion tools, these static and distributed elements are easily accessible. Often, this does not help to improve the reliability of such static components or their resistance to attacks.

This paper presents our approach for building an IDRSystem called Intrusion Detection and Response extended with Agent Mobility, or IDReAM for short. IDReAM combines Mobile Agents (MAs) with self-organizing paradigms inspired by natural life systems. This approach was already announced in a preceding paper [4], and the present paper describes the conceptual model in more detail. All the research work relating to IDReAM is gathered in a PhD thesis [3], which also contains the implementation results of the model and its evaluation. The present paper is limited to the model.

References

  1. Di Caro, G., Dorigo, M.: Ant colonies for adaptive routing in packet-switched communications networks. IRIDIA, Université Libre de Bruxelles, Belgium (1998)

  2. Forrest, S., Hofmeyr, S., Somayaji, A., Longstaff, T.: A sense of self for Unix processes. In: Proceedings of the 1996 IEEE Symposium on Research in Security and Privacy (1996)

  3. Foukia, N.: IDReAM: Intrusion Detection Executed with Agent Mobility - A Distributed Approach Inspired from Natural Life Systems. PhD thesis. University of Geneva (2004)

  4. Foukia, N., Hassas, S.: Managing computer networks security through self-organization - a complex system perspective. In: Proceedings of the First International Workshop on Engineering Self-Organising Applications (ESOA), Melbourne, Australia (July 14-15, 2003)

  5. Foukia, N., Hassas, S., Fenet, S., Hulaas, J.: An intrusion response scheme: Tracking the alert source using stigmergy paradigm. In: SEMAS 2002, Bologna - Italy (July 2002)

  6. Grassé, P.P.: La reconstruction du nid et les interactions inter-individuelles chez les Bellicositermes natalensis et Cubitermes, la théorie de la stigmergie - essai d’interprétation des termites constructeurs. Insectes Sociaux (6), 41–81 (1959)

  7. Hofmeyr, S.A., Forrest, S.: Immunity by design: An artificial immune system. In: Proceedings of the Genetic and Evolutionary Computation Conference (GECCO). Morgan-Kaufmann, San Francisco (1999)

  8. J-Seal2, http://www.coco.co.at/development/

  9. Kleinstein, S.H., Seiden, P.E.: Simulating the immune system. Computing in Science and Engineering, 69–77 (July 2000)

  10. Martinoli, A.: Swarm Intelligence in Autonomous Collective Robotics: From Tools to the Analysis and Synthesis of Distributed Collective Strategies. PhD thesis, EPFL, Lausanne, Switzerland (1999)

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Foukia, N. (2005). IDReAM: Intrusion Detection and Response Executed with Agent Mobility. In: Brueckner, S.A., Di Marzo Serugendo, G., Karageorgos, A., Nagpal, R. (eds) Engineering Self-Organising Systems. ESOA 2004. Lecture Notes in Computer Science, vol 3464. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11494676_15

  • DOI: https://doi.org/10.1007/11494676_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26180-3

  • Online ISBN: 978-3-540-31901-6

  • eBook Packages: Computer Science, Computer Science (R0)