4,950 research outputs found
Sensor networks security based on sensitive robots agents. A conceptual model
Multi-agent systems are currently applied to solve complex problems. The
security of networks is an eloquent example of a complex and difficult problem.
A new model-concept Hybrid Sensitive Robot Metaheuristic for Intrusion
Detection is introduced in the current paper. The proposed technique could be
used with machine learning based intrusion detection techniques. The new model
uses the reaction of virtual sensitive robots to different stigmergic variables
in order to keep the tracks of the intruders when securing a sensor network.Comment: 5 page
Recommended from our members
A survey of intrusion detection techniques in Cloud
Cloud computing provides scalable, virtualized on-demand services to the end users with greater flexibility and lesser infrastructural investment. These services are provided over the Internet using known networking protocols, standards and formats under the supervision of different managements. Existing bugs and vulnerabilities in underlying technologies and legacy protocols tend to open doors for intrusion. This paper, surveys different intrusions affecting availability, confidentiality and integrity of Cloud resources and services. It examines proposals incorporating Intrusion Detection Systems (IDS) in Cloud and discusses various types and techniques of IDS and Intrusion Prevention Systems (IPS), and recommends IDS/IPS positioning in Cloud architecture to achieve desired security in the next generation networks
AI Solutions for MDS: Artificial Intelligence Techniques for Misuse Detection and Localisation in Telecommunication Environments
This report considers the application of Articial Intelligence (AI) techniques to
the problem of misuse detection and misuse localisation within telecommunications
environments. A broad survey of techniques is provided, that covers inter alia
rule based systems, model-based systems, case based reasoning, pattern matching,
clustering and feature extraction, articial neural networks, genetic algorithms, arti
cial immune systems, agent based systems, data mining and a variety of hybrid
approaches. The report then considers the central issue of event correlation, that
is at the heart of many misuse detection and localisation systems. The notion of
being able to infer misuse by the correlation of individual temporally distributed
events within a multiple data stream environment is explored, and a range of techniques,
covering model based approaches, `programmed' AI and machine learning
paradigms. It is found that, in general, correlation is best achieved via rule based approaches,
but that these suffer from a number of drawbacks, such as the difculty of
developing and maintaining an appropriate knowledge base, and the lack of ability
to generalise from known misuses to new unseen misuses. Two distinct approaches
are evident. One attempts to encode knowledge of known misuses, typically within
rules, and use this to screen events. This approach cannot generally detect misuses
for which it has not been programmed, i.e. it is prone to issuing false negatives.
The other attempts to `learn' the features of event patterns that constitute normal
behaviour, and, by observing patterns that do not match expected behaviour, detect
when a misuse has occurred. This approach is prone to issuing false positives,
i.e. inferring misuse from innocent patterns of behaviour that the system was not
trained to recognise. Contemporary approaches are seen to favour hybridisation,
often combining detection or localisation mechanisms for both abnormal and normal
behaviour, the former to capture known cases of misuse, the latter to capture
unknown cases. In some systems, these mechanisms even work together to update
each other to increase detection rates and lower false positive rates. It is concluded
that hybridisation offers the most promising future direction, but that a rule or state
based component is likely to remain, being the most natural approach to the correlation
of complex events. The challenge, then, is to mitigate the weaknesses of
canonical programmed systems such that learning, generalisation and adaptation
are more readily facilitated
A New Distributed Intrusion Detection System Based on Multi-Agent System for Cloud Environment
Cloud computing, like any distributed computing system, is continually exposed to many threats and attacks of various origins. Thus, cloud security is now a very important concern for both providers and users. Intrusion detection systems (IDSs) are used to detect attacks in this environment. The goal of security administrators (for both customers and providers) is to prevent and detect attacks while avoiding disruption of the smooth operation of the cloud. Making IDSs efficient is not an easy task in a distributed environment such as the cloud. This problem remains open, and to our knowledge, there are no satisfactory solutions for the automated evaluation and analysis of cloud security. The features of the multi-agent system paradigm, such as adaptability, collaboration, and distribution, make it possible to handle this evolution of cloud computing in an efficient and controlled manner. As a result, multi-agent systems are well suited to the effective management of cloud security. In this paper, we propose an efficient, reliable and secure distributed IDS (DIDS) based on a multi-agent approach to identify and prevent new and complex malicious attacks in this environment. Moreover, some experiments were conducted to evaluate the performance of our model
Configuring and Implementing IPS Solutions for IoT Devices using NST
The necessity to ensure that Internet of Things (IoT) networks are secure is one of the biggest issues that has arisen as a result of the growing demand for technology that uses the IoT. Considering how many gadgets are linked to the internet, safeguarding their networks is a growing worry. Due to the IoT's network's complexity and resource constraints, traditional intrusion detection systems encounter a number of problems. The main objectives of this project are to design, develop, and evaluate a hybrid level placement method for an IDS based on multi- agent systems, BC technology (Block-Chain), and DL algorithms (Deep Learning). The breakdown of data administration, data collection, analysis, and reaction into its component parts reveals the overall system design. The National Security Laboratory's knowledge discovery and data mining dataset is used to test the system as part of the validation procedure. These results demonstrate how deep learning algorithms are effective at identifying risks at the network and transport levels. The experiment shows that deep learning techniques function well when used to find intrusions in a network environment for the Internet of Things
BIOLOGICAL INSPIRED INTRUSION PREVENTION AND SELF-HEALING SYSTEM FOR CRITICAL SERVICES NETWORK
With the explosive development of the critical services network systems and Internet, the need for networks security systems have become even critical with the enlargement of information technology in everyday life. Intrusion Prevention System (IPS) provides an in-line mechanism focus on identifying and blocking malicious network activity in real time. This thesis presents new intrusion prevention and self-healing system (SH) for critical services network security. The design features of the proposed system are inspired by the human immune system, integrated with pattern recognition nonlinear classification algorithm and machine learning. Firstly, the current intrusions preventions systems, biological innate and adaptive immune systems, autonomic computing and self-healing mechanisms are studied and analyzed. The importance of intrusion prevention system recommends that artificial immune systems (AIS) should incorporate abstraction models from innate, adaptive immune system, pattern recognition, machine learning and self-healing mechanisms to present autonomous IPS system with fast and high accurate detection and prevention performance and survivability for critical services network system. Secondly, specification language, system design, mathematical and computational models for IPS and SH system are established, which are based upon nonlinear classification, prevention predictability trust, analysis, self-adaptation and self-healing algorithms. Finally, the validation of the system carried out by simulation tests, measuring, benchmarking and comparative studies. New benchmarking metrics for detection capabilities, prevention predictability trust and self-healing reliability are introduced as contributions for the IPS and SH system measuring and validation.
Using the software system, design theories, AIS features, new nonlinear classification algorithm, and self-healing system show how the use of presented systems can ensure safety for critical services networks and heal the damage caused by intrusion. This autonomous system improves the performance of the current intrusion prevention system and carries on system continuity by using self-healing mechanism
Intrusion detection system for the Internet of Things based on blockchain and multi-agent systems
With the popularity of Internet of Things (IoT) technology, the security of the IoT network has become an important issue. Traditional intrusion detection systems have their limitations when applied to the IoT network due to resource constraints and the complexity. This research focusses on the design, implementation and testing of an intrusion detection system which uses a hybrid placement strategy based on a multi-agent system, blockchain and deep learning algorithms. The system consists of the following modules: data collection, data management, analysis, and response. The National security lab–knowledge discovery and data mining NSL-KDD dataset is used to test the system. The results demonstrate the efficiency of deep learning algorithms when detecting attacks from the transport layer. The experiment indicates that deep learning algorithms are suitable for intrusion detection in IoT network environment
Cooperative Trust Framework for Cloud Computing Based on Mobile Agents
Cloud computing opens doors to the multiple, unlimited venues from elastic computing to on demand provisioning to dynamic storage, reduce the potential costs through optimized and efficient computing. To provide secure and reliable services in cloud computing environment is an important issue. One of the security issues is how to reduce the impact of for any type of intrusion in this environment. To counter these kinds of attacks, a framework of cooperative Hybrid intrusion detection system (Hy-IDS) and Mobile Agents is proposed. This framework allows protection against the intrusion attacks. Our Hybrid IDS is based on two types of IDS, the first for the detection of attacks at the level of virtual machines (VMs), the second for the network attack detection and Mobile Agents. Then, this framework unfolds in three phases: the first, detection intrusion in a virtual environment using mobile agents for collected malicious data. The second, generating new signatures from malicious data, which were collected in the first phase. The third, dynamic deployment of updates between clusters in a cloud computing, using the newest signatures previously created. By this type of close-loop control, the collaborative network security management system can identify and address new distributed attacks more quickly and effectively. In this paper, we develop a collaborative approach based on Hy-IDS and Mobile Agents in Cloud Environment, to define a dynamic context which enables the detection of new attacks, with much detail as possible
- …