Advertisement

Multi-agent Peer-to-Peer Intrusion Detection

  • Vladimir Gorodetsky
  • Oleg Karsaev
  • Vladimir Samoylov
  • Sergey Serebryakov
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1)

Abstract

Ever increasing use of heterogeneous networks including mobile devices and ad-hoc sensor networks signifies the role of such information systems’ properties as openness, autonomy, cooperation, coordination, etc. Agent-based service-oriented Peer-to-Peer (P2P) architecture provides attractive (if not unique) design and implementation paradigm for such systems. This trend implies coherent evolution of security systems, that put in use the notions of distributed security policy, distributed intrusion detection systems, etc.1, requiring novel ideas. The paper proposes new architecture for such security systems. This architecture provides cooperative performance of distributed security means (agents) supported by distributed meta-knowledge base implemented as an overlay network of instances of P2P agent platform set up on top of P2P networking provider. The paper also analyzes new issues of P2P security systems with the main emphasis on P2P training of security agents to correlation of alerts produced by other relevant agents. An artificially built case study is used to highlight the essence of P2P security agent training to P2P decision combining and to exhibit new problems.

Keywords

Intrusion Detection Intrusion Detection System Overlay Network Agent Platform Yellow Page 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
  2. 2.
    Xiao, R., Zheng, J., Wang, X., Xue, X.A.: A Novel Peer-to-Peer Intrusion Detection System Using Mobile Agents in MANETs. In: Sixth International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT-2005), pp. 441–445 (2005)Google Scholar
  3. 3.
    Asaka, M., Taguchi, A., Goto, S.: The Implementation of IDA: An Intrusion Detection Agent System. In: Proceedings of the 11th FIRST Conference 1999, Australia (1999)Google Scholar
  4. 4.
    Datta, S., Bhaduri, K., Giannella, C., Wolff, R., Kargupta, H.: Distributed Data Mining in Peer-to-Peer Networks. IEEE Internet Computing special issue on Distributed Data Mining, 10(4), 18–26 (2006)Google Scholar
  5. 5.
    FIPA web site, http://www.fipa.org
  6. 6.
    FIPA P2P NA WG6: Functional Architecture Specification Draft 0.12. http://www.fipa.org/subgroups/P2PNA-WG-docs/P2PNA-Spec-Draft0.12.doc
  7. 7.
    FIPA P2P Nomadic Agents Working Group (P2PNA WG6), http://www.fipa.org/subgroups/P2PNA-WG.html
  8. 8.
    Gorodetsky, V., Karsaev, O., Samoylov, V., Serebryakov, S.: P2P Agent Platform: Implementation and Testing. In: Proceedings of AP2PC Workshop at AAMAS 07, pp. 25–32 (2007)Google Scholar
  9. 9.
    Gorodetsky, V., Karsaev, O., Samoilov, V., Serebryakov, S.: Agent-based Service-Oriented Intelligent Networks for Distributed Classification. In: International Conference “Hybrid Information Technologies” (ICHIT-2006), pp. 224–233. IEEE Computer Press, Los Alamitos (2006)CrossRefGoogle Scholar
  10. 10.
    Helmer, G.G., Wong, J.S.K., Honavar, V., Miller, L.: Intelligent agents for intrusion detection. In: Proceedings, IEEE Information Technology Conference, Syracuse, NY, September 1998, pp. 121–124, IEEE Computer Society Press, Los Alamitos (1998)CrossRefGoogle Scholar
  11. 11.
    Kephart, J.: Multiagent Systems for Autonomic Computing. In: AAMAS 2007 (2007)Google Scholar
  12. 12.
    Kittler, J., Hatef, M., Duin, R.P.W., Matas, J.: On combining classifiers. IEEE Transactions on pattern Analysis and Machine Intelligence 20(3), 226–239 (1998)CrossRefGoogle Scholar
  13. 13.
    Lin, N., Marzullo, K., Masini, S.: Gossip versus Deterministic Flooding: Low Message Overhead and High Reliability for Broadcasting on Small Networks, Technical report CS1999-0637, http://citeseer.ist.psu.edu/563854.html
  14. 14.
    Ragsdale, D.J., Carver, C.A., Humphries, J.W., Pooch, U.W.: Adaptation Techniques for Intrusion Detection and Intrusion Response Systems. In: Proceedings of the IEEE International Conference on Systems, Man, and Cybernetics, Nashville, Tennessee, October 8–11, pp. 2344–2349 (2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Vladimir Gorodetsky
  • Oleg Karsaev
  • Vladimir Samoylov
  • Sergey Serebryakov

There are no affiliations available

Personalised recommendations