Abstract
Ever increasing use of heterogeneous networks including mobile devices and ad-hoc sensor networks signifies the role of such information systems’ properties as openness, autonomy, cooperation, coordination, etc. Agent-based service-oriented Peer-to-Peer (P2P) architecture provides attractive (if not unique) design and implementation paradigm for such systems. This trend implies coherent evolution of security systems, that put in use the notions of distributed security policy, distributed intrusion detection systems, etc.1, requiring novel ideas. The paper proposes new architecture for such security systems. This architecture provides cooperative performance of distributed security means (agents) supported by distributed meta-knowledge base implemented as an overlay network of instances of P2P agent platform set up on top of P2P networking provider. The paper also analyzes new issues of P2P security systems with the main emphasis on P2P training of security agents to correlation of alerts produced by other relevant agents. An artificially built case study is used to highlight the essence of P2P security agent training to P2P decision combining and to exhibit new problems.
For open agent-based system, the notion of distributed trust should also be used: it provides a way to find a tradeoff between security and openness.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
AAFID http://www.cerias.purdue.edu/about/history/coast/projects/aafid.php
Xiao, R., Zheng, J., Wang, X., Xue, X.A.: A Novel Peer-to-Peer Intrusion Detection System Using Mobile Agents in MANETs. In: Sixth International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT-2005), pp. 441–445 (2005)
Asaka, M., Taguchi, A., Goto, S.: The Implementation of IDA: An Intrusion Detection Agent System. In: Proceedings of the 11th FIRST Conference 1999, Australia (1999)
Datta, S., Bhaduri, K., Giannella, C., Wolff, R., Kargupta, H.: Distributed Data Mining in Peer-to-Peer Networks. IEEE Internet Computing special issue on Distributed Data Mining, 10(4), 18–26 (2006)
FIPA web site, http://www.fipa.org
FIPA P2P NA WG6: Functional Architecture Specification Draft 0.12. http://www.fipa.org/subgroups/P2PNA-WG-docs/P2PNA-Spec-Draft0.12.doc
FIPA P2P Nomadic Agents Working Group (P2PNA WG6), http://www.fipa.org/subgroups/P2PNA-WG.html
Gorodetsky, V., Karsaev, O., Samoylov, V., Serebryakov, S.: P2P Agent Platform: Implementation and Testing. In: Proceedings of AP2PC Workshop at AAMAS 07, pp. 25–32 (2007)
Gorodetsky, V., Karsaev, O., Samoilov, V., Serebryakov, S.: Agent-based Service-Oriented Intelligent Networks for Distributed Classification. In: International Conference “Hybrid Information Technologies” (ICHIT-2006), pp. 224–233. IEEE Computer Press, Los Alamitos (2006)
Helmer, G.G., Wong, J.S.K., Honavar, V., Miller, L.: Intelligent agents for intrusion detection. In: Proceedings, IEEE Information Technology Conference, Syracuse, NY, September 1998, pp. 121–124, IEEE Computer Society Press, Los Alamitos (1998)
Kephart, J.: Multiagent Systems for Autonomic Computing. In: AAMAS 2007 (2007)
Kittler, J., Hatef, M., Duin, R.P.W., Matas, J.: On combining classifiers. IEEE Transactions on pattern Analysis and Machine Intelligence 20(3), 226–239 (1998)
Lin, N., Marzullo, K., Masini, S.: Gossip versus Deterministic Flooding: Low Message Overhead and High Reliability for Broadcasting on Small Networks, Technical report CS1999-0637, http://citeseer.ist.psu.edu/563854.html
Ragsdale, D.J., Carver, C.A., Humphries, J.W., Pooch, U.W.: Adaptation Techniques for Intrusion Detection and Intrusion Response Systems. In: Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics, Nashville, Tennessee, October 8–11, pp. 2344–2349 (2000)
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Gorodetsky, V., Karsaev, O., Samoylov, V., Serebryakov, S. (2007). Multi-agent Peer-to-Peer Intrusion Detection. In: Gorodetsky, V., Kotenko, I., Skormin, V.A. (eds) Computer Network Security. MMM-ACNS 2007. Communications in Computer and Information Science, vol 1. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73986-9_23
Download citation
DOI: https://doi.org/10.1007/978-3-540-73986-9_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-73985-2
Online ISBN: 978-3-540-73986-9
eBook Packages: Computer ScienceComputer Science (R0)