Abstract
Most of the activity in cybersecurity consists of perceiving the state of a distributed environment made up of a network of interconnected computers or devices, attending to each individual device while also observing the whole picture of the network. When needed, the system reacts by executing actions intended to have a preventive, defensive or restoring effect on that environment in order to keep it in a safe state. This is, nearly by definition, an ideal area of application for multi-agent systems. This paper presents the first steps taken to build a general-purpose multi-agent system for the cyberdefense of a network of computers. It also reports a preliminary experiment that measures the burden of implementing this distributed defense mechanism in terms of CPU and memory overhead.
Notes
1. DARPA Cyber Grand Challenge (2016) http://archive.darpa.mil/cybergrandchallenge/.
2. The complete source code of CID is available on GitHub https://github.com/HaruGaren/CID.
3. Technically this server is also used to host the agent platform, but both the platform and the CID Server Agent might be up and running on any computer of the network.
4. FIPA ACL Specification http://www.fipa.org/repository/aclspecs.html.
5. JavaScript Object Notation https://en.wikipedia.org/wiki/JSON.
6. Every agent is simply a JAR file with its associated initialization file encoded in JSON.
Acknowledgements
This work has been partly funded by TIN2015-71618-R (MINECO/FEDER).
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Rodríguez, A., Castillo, L. (2018). A First Step Towards a General-Purpose Distributed Cyberdefense System. In: Demazeau, Y., An, B., Bajo, J., Fernández-Caballero, A. (eds) Advances in Practical Applications of Agents, Multi-Agent Systems, and Complexity: The PAAMS Collection. PAAMS 2018. Lecture Notes in Computer Science, vol 10978. Springer, Cham. https://doi.org/10.1007/978-3-319-94580-4_19
DOI: https://doi.org/10.1007/978-3-319-94580-4_19
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-94579-8
Online ISBN: 978-3-319-94580-4
eBook Packages: Computer Science (R0)