
A First Step Towards a General-Purpose Distributed Cyberdefense System

  • Conference paper

Advances in Practical Applications of Agents, Multi-Agent Systems, and Complexity: The PAAMS Collection (PAAMS 2018)

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 10978)

Abstract

Most activity in cybersecurity consists of perceiving the state of a distributed environment composed of a network of interconnected computers or devices, attending to the individual perception of each device while also observing the whole picture of the network. When needed, actions are executed to produce some preventive, defensive or restoring effect in that environment in order to keep it in a safe state. This is, nearly by definition, an ideal area of application for multi-agent systems. This paper presents the first steps taken to build a general-purpose multi-agent system for the cyberdefense of a network of computers. It also shows a preliminary experiment to measure the burden of implementing this distributed defense mechanism in terms of CPU and memory overload.


Notes

  1. DARPA Cyber Grand Challenge (2016) http://archive.darpa.mil/cybergrandchallenge/.

  2. The complete source code of CID is available on GitHub https://github.com/HaruGaren/CID.

  3. Technically this server is also used to host the agent platform, but both the platform and the CID Server Agent might be up and running on any computer of the network.

  4. FIPA ACL Specification http://www.fipa.org/repository/aclspecs.html.

  5. JavaScript Object Notation https://en.wikipedia.org/wiki/JSON.

  6. Every agent is simply a JAR file with its associated initialization file encoded in JSON.


Acknowledgements

This work has been partly funded by TIN2015-71618-R (MINECO/FEDER).


Correspondence to Luis Castillo.


Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper


Cite this paper

Rodríguez, A., Castillo, L. (2018). A First Step Towards a General-Purpose Distributed Cyberdefense System. In: Demazeau, Y., An, B., Bajo, J., Fernández-Caballero, A. (eds) Advances in Practical Applications of Agents, Multi-Agent Systems, and Complexity: The PAAMS Collection. PAAMS 2018. Lecture Notes in Computer Science, vol 10978. Springer, Cham. https://doi.org/10.1007/978-3-319-94580-4_19


  • DOI: https://doi.org/10.1007/978-3-319-94580-4_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-94579-8

  • Online ISBN: 978-3-319-94580-4

  • eBook Packages: Computer Science (R0)
