Multi-agent Peer-to-Peer Intrusion Detection
Ever increasing use of heterogeneous networks including mobile devices and ad-hoc sensor networks signifies the role of such information systems’ properties as openness, autonomy, cooperation, coordination, etc. Agent-based service-oriented Peer-to-Peer (P2P) architecture provides attractive (if not unique) design and implementation paradigm for such systems. This trend implies coherent evolution of security systems, that put in use the notions of distributed security policy, distributed intrusion detection systems, etc.1, requiring novel ideas. The paper proposes new architecture for such security systems. This architecture provides cooperative performance of distributed security means (agents) supported by distributed meta-knowledge base implemented as an overlay network of instances of P2P agent platform set up on top of P2P networking provider. The paper also analyzes new issues of P2P security systems with the main emphasis on P2P training of security agents to correlation of alerts produced by other relevant agents. An artificially built case study is used to highlight the essence of P2P security agent training to P2P decision combining and to exhibit new problems.
KeywordsIntrusion Detection Intrusion Detection System Overlay Network Agent Platform Yellow Page
Unable to display preview. Download preview PDF.
- 2.Xiao, R., Zheng, J., Wang, X., Xue, X.A.: A Novel Peer-to-Peer Intrusion Detection System Using Mobile Agents in MANETs. In: Sixth International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT-2005), pp. 441–445 (2005)Google Scholar
- 3.Asaka, M., Taguchi, A., Goto, S.: The Implementation of IDA: An Intrusion Detection Agent System. In: Proceedings of the 11th FIRST Conference 1999, Australia (1999)Google Scholar
- 4.Datta, S., Bhaduri, K., Giannella, C., Wolff, R., Kargupta, H.: Distributed Data Mining in Peer-to-Peer Networks. IEEE Internet Computing special issue on Distributed Data Mining, 10(4), 18–26 (2006)Google Scholar
- 5.FIPA web site, http://www.fipa.org
- 6.FIPA P2P NA WG6: Functional Architecture Specification Draft 0.12. http://www.fipa.org/subgroups/P2PNA-WG-docs/P2PNA-Spec-Draft0.12.doc
- 7.FIPA P2P Nomadic Agents Working Group (P2PNA WG6), http://www.fipa.org/subgroups/P2PNA-WG.html
- 8.Gorodetsky, V., Karsaev, O., Samoylov, V., Serebryakov, S.: P2P Agent Platform: Implementation and Testing. In: Proceedings of AP2PC Workshop at AAMAS 07, pp. 25–32 (2007)Google Scholar
- 11.Kephart, J.: Multiagent Systems for Autonomic Computing. In: AAMAS 2007 (2007)Google Scholar
- 13.Lin, N., Marzullo, K., Masini, S.: Gossip versus Deterministic Flooding: Low Message Overhead and High Reliability for Broadcasting on Small Networks, Technical report CS1999-0637, http://citeseer.ist.psu.edu/563854.html
- 14.Ragsdale, D.J., Carver, C.A., Humphries, J.W., Pooch, U.W.: Adaptation Techniques for Intrusion Detection and Intrusion Response Systems. In: Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics, Nashville, Tennessee, October 8–11, pp. 2344–2349 (2000)Google Scholar