Abstract
The paper proposes a framework for investigating prospective adaptive and cooperative defense mechanisms against Internet attacks. The suggested approach is based on multi-agent modeling and simulation. Under this approach, the defense and attack systems are represented as interacting teams of intelligent agents that act under some adaptation criterion. They adjust their configuration and behavior according to the network conditions and the severity of the attack (or defense). The paper presents the architecture and software implementation of a simulation environment that combines discrete-event simulation, the multi-agent approach, and packet-level simulation of various Internet protocols. The environment makes it possible to simulate complex attack and defense scenarios. The paper describes experiments aimed at investigating adaptive “Distributed Denial of Service” attacks and defense mechanisms.
Copyright information
© 2007 Springer Berlin Heidelberg
About this paper
Cite this paper
Kotenko, I., Ulanov, A. (2007). Multi-agent Framework for Simulation of Adaptive Cooperative Defense Against Internet Attacks. In: Gorodetsky, V., Zhang, C., Skormin, V.A., Cao, L. (eds) Autonomous Intelligent Systems: Multi-Agents and Data Mining. AIS-ADM 2007. Lecture Notes in Computer Science, vol 4476. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72839-9_18
DOI: https://doi.org/10.1007/978-3-540-72839-9_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72838-2
Online ISBN: 978-3-540-72839-9
eBook Packages: Computer Science (R0)