A Multi Agent System for Flow-Based Intrusion Detection

The detection and elimination of threats to cyber security is essential for system functionality, protection of valuable information, and preventing costly destruction of assets. This thesis presents a Mobile Multi-Agent Flow-Based IDS called MFIREv3 that provides network anomaly detection of intrusions and automated defense. This version of the MFIRE system includes the development and testing of a Multi-Objective Evolutionary Algorithm (MOEA) for feature selection that provides agents with the optimal set of features for classifying the state of the network. Feature selection provides separable data points for the selected attacks: Worm, Distributed Denial of Service, Man-in-the-Middle, Scan, and Trojan. This investigation develops three techniques of self-organization for multiple distributed agents in an intrusion detection system: Reputation, Stochastic, and Maximum Cover. These three movement models are tested for effectiveness in locating good agent vantage points within the network to classify the state of the network. MFIREv3 also introduces the design of defensive measures to limit the effects of network attacks. Defensive measures included in this research are rate-limiting and elimination of infected nodes. The results of this research provide an optimistic outlook for flow-based multi-agent systems for cyber security. The impact of this research illustrates how feature selection in cooperation with movement models for multi agent systems provides excellent attack detection and classification

Advances in infrastructures and tools for multiagent systems

In the last few years, information system technologies have focused on solving challenges in order to develop distributed applications. Distributed systems can be viewed as collections of service-provider and ser vice-consumer components interlinked by dynamically defined workflows (Luck and McBurney 2008).Alberola Oltra, JM.; Botti Navarro, VJ.; Such Aparicio, JM. (2014). Advances in infrastructures and tools for multiagent systems. Information Systems Frontiers. 16:163-167. doi:10.1007/s10796-014-9493-6S16316716Alberola, J. M., Búrdalo, L., Julián, V., Terrasa, A., & García-Fornes, A. (2014). An adaptive framework for monitoring agent organizations. Information Systems Frontiers, 16(2). doi: 10.1007/s10796-013-9478-x .Alfonso, B., Botti, V., Garrido, A., & Giret, A. (2014). A MAS-based infrastructure for negotiation and its application to a water-right market. Information Systems Frontiers, 16(2). doi: 10.1007/s10796-013-9443-8 .Andrighetto, G., Castelfranchi, C., Mayor, E., McBreen, J., López-Sánchez, M., & Parsons, S. (2013). (Social) norm dynamics. In G. Andrighetto, G. Governatori, P. Noriega, & L. W. van der Torre (Eds.), Normative multi-agent systems (pp. 135–170). Dagstuhl: Schloss Dagstuhl--Leibniz-Zentrum fuer Informatik.Baarslag, T., Fujita, K., Gerding, E. H., Hindriks, K., Ito, T., Jennings, N. R., et al. (2013). Evaluating practical negotiating agents: results and analysis of the 2011 international competition. Artificial Intelligence, 198, 73–103.Boissier, O., Bordini, R. H., Hübner, J. F., Ricci, A., & Santi, A. (2013). Multi-agent oriented programming with JaCaMo. Science of Computer Programming, 78(6), 747–761.Campos, J., Esteva, M., López-Sánchez, M., Morales, J., & Salamó, M. (2011). Organisational adaptation of multi-agent systems in a peer-to-peer scenario. Computing, 91(2), 169–215.Carrera, A., Iglesias, C. A., & Garijo, M. (2014). Beast methodology: an agile testing methodology for multi-agent systems based on behaviour driven development. Information Systems Frontiers, 16(2). doi: 10.1007/s10796-013-9438-5 .Criado, N., Such, J. M., & Botti, V. (2014). Norm reasoning services. Information Systems Frontiers, 16(2). doi: 10.1007/s10796-013-9444-7 .Del Val, E., Rebollo, M., & Botti, V. (2014). Enhancing decentralized service discovery in open service-oriented multi-agent systems. Journal of Autonomous Agents and Multi-Agent Systems, 28(1), 1–30.Denti, E., Omicini, A., & Ricci, A. (2002). Coordination tools for MAS development and deployment. Applied Artificial Intelligence, 16(9–10), 721–752.Dignum, V., & Dignum, F. (2012). A logic of agent organizations. Logic Journal of IGPL, 20(1), 283–316.Ferber, J., & Gutknecht, O. (1998). A meta-model for the analysis and design of organizations in multi-agent systems. In Multi agent systems. Proceedings. International Conference on (pp. 128–135). IEEE.Fogués, R. L., Such, J. M., Espinosa, A., & Garcia-Fornes, A. (2014). BFF: a tool for eliciting tie strength and user communities in social networking services. Information Systems Frontiers, 16(2). doi: 10.1007/s10796-013-9453-6 .Garcia, E., Giret, A., & Botti, V. (2011). Evaluating software engineering techniques for developing complex systems with multiagent approaches. Information and Software Technology, 53(5), 494–506.Garcia-Fornes, A., Hübner, J., Omicini, A., Rodriguez-Aguilar, J., & Botti, V. (2011). Infrastructures and tools for multiagent systems for the new generation of distributed systems. Engineering Applications of Articial Intelligence, 24(7), 1095–1097.Jennings, N., Faratin, P., Lomuscio, A., Parsons, S., Sierra, C., & Wooldridge, M. (2001). Automated negotiation: prospects, methods and challenges. International Journal of Group Decision and Negotiation, 10(2), 199–215.Jung, Y., Kim, M., Masoumzadeh, A., & Joshi, J. B. (2012). A survey of security issue in multi-agent systems. Artificial Intelligence Review, 37(3), 239–260.Kota, R., Gibbins, N., & Jennings, N. R. (2012). Decentralized approaches for self-adaptation in agent organizations. ACM Transactions on Autonomous and Adaptive Systems (TAAS), 7(1), 1.Kraus, S. (1997). Negotiation and cooperation in multi-agent environments. Artificial Intelligence, 94(1), 79–97.Lin, Y. I., Chou, Y. W., Shiau, J. Y., & Chu, C. H. (2013). Multi-agent negotiation based on price schedules algorithm for distributed collaborative design. Journal of Intelligent Manufacturing, 24(3), 545–557.Luck, M., & McBurney, P. (2008). Computing as interaction: agent and agreement technologies.Luck, M., McBurney, P., Shehory, O., & Willmott, S. (2005). Agent technology: Computing as interaction (A roadmap for agent based computing). AgentLink.Ossowski, S., & Menezes, R. (2006). On coordination and its significance to distributed and multiagent systems. Concurrency and Computation: Practice and Experience, 18(4), 359–370.Ossowski, S., Sierra, C., & Botti. (2013). Agreement technologies: A computing perspective. In Agreement Technologies (pp. 3–16). Springer Netherlands.Pinyol, I., & Sabater-Mir, J. (2013). Computational trust and reputation models for open multi-agent systems: a review. Artificial Intelligence Review, 40(1), 1–25.Ricci, A., Piunti, M., & Viroli, M. (2011). Environment programming in multi-agent systems: an artifact-based perspective. Autonomous Agents and Multi-Agent Systems, 23(2), 158–192.Sierra, C., & Debenham, J. (2006). Trust and honour in information-based agency. In Proceedings of the 5th international conference on autonomous agents and multi agent systems, (p. 1225–1232). New York: ACM.Sierra, C., Botti, V., & Ossowski, S. (2011). Agreement computing. KI-Knstliche Intelligenz, 25(1), 57–61.Vasconcelos, W., García-Camino, A., Gaertner, D., Rodríguez-Aguilar, J. A., & Noriega, P. (2012). Distributed norm management for multi-agent systems. Expert Systems with Applications, 39(5), 5990–5999.Wooldridge, M. (2002). An introduction to multiagent systems. New York: Wiley.Wooldridge, M., & Jennings, N. R. (1995). Intelligent agents: theory and practice. Knowledge Engineering Review, 10(2), 115–152

Intrusion detection system for the Internet of Things based on blockchain and multi-agent systems

With the popularity of Internet of Things (IoT) technology, the security of the IoT network has become an important issue. Traditional intrusion detection systems have their limitations when applied to the IoT network due to resource constraints and the complexity. This research focusses on the design, implementation and testing of an intrusion detection system which uses a hybrid placement strategy based on a multi-agent system, blockchain and deep learning algorithms. The system consists of the following modules: data collection, data management, analysis, and response. The National security lab–knowledge discovery and data mining NSL-KDD dataset is used to test the system. The results demonstrate the efficiency of deep learning algorithms when detecting attacks from the transport layer. The experiment indicates that deep learning algorithms are suitable for intrusion detection in IoT network environment

Reinforcement learning for efficient network penetration testing

Penetration testing (also known as pentesting or PT) is a common practice for actively assessing the defenses of a computer network by planning and executing all possible attacks to discover and exploit existing vulnerabilities. Current penetration testing methods are increasingly becoming non-standard, composite and resource-consuming despite the use of evolving tools. In this paper, we propose and evaluate an AI-based pentesting system which makes use of machine learning techniques, namely reinforcement learning (RL) to learn and reproduce average and complex pentesting activities. The proposed system is named Intelligent Automated Penetration Testing System (IAPTS) consisting of a module that integrates with industrial PT frameworks to enable them to capture information, learn from experience, and reproduce tests in future similar testing cases. IAPTS aims to save human resources while producing much-enhanced results in terms of time consumption, reliability and frequency of testing. IAPTS takes the approach of modeling PT environments and tasks as a partially observed Markov decision process (POMDP) problem which is solved by POMDP-solver. Although the scope of this paper is limited to network infrastructures PT planning and not the entire practice, the obtained results support the hypothesis that RL can enhance PT beyond the capabilities of any human PT expert in terms of time consumed, covered attacking vectors, accuracy and reliability of the outputs. In addition, this work tackles the complex problem of expertise capturing and re-use by allowing the IAPTS learning module to store and re-use PT policies in the same way that a human PT expert would learn but in a more efficient way

A modularized electronic payment system for agent-based e-commerce

With the explosive growth of the Internet, electronic-commerce (e-commerce) is an increasingly important segment of commercial activities on the web. The Secure Agent Fabrication, Evolution & Roaming (SAFER) architecture was proposed to further facilitate e-commerce using agent technology. In this paper, the electronic payment aspect of SAFER will be explored. The Secure Electronic Transaction (SET) protocol and E-Cash were selected as the bases for the electronic payment system implementation. The various modules of the payment system and how they interface with each other are shown. An extensible implementation done using JavaTM will also be elaborated. This application incorporates agent roaming functionality and the ability to conduct e-commerce transactions and carry out intelligent e-payment procedures