A machine learning approach with verification of predictions and assisted supervision for a rule-based network intrusion detection system

Network security is a branch of network management in which network intrusion detection systems provide attack detection features by monitorization of traffic data. Rule-based misuse detection systems use a set of rules or signatures to detect attacks that exploit a particular vulnerability. These rules have to be handcoded by experts to properly identify vulnerabilities, which results in misuse detection systems having limited extensibility. This paper proposes a machine learning layer on top of a rule-based misuse detection system that provides automatic generation of detection rules, prediction verification and assisted classification of new data. Our system offers an overall good performance, while adding an heuristic and adaptive approach to existing rule-based misuse detection systems

UER technique: conceptualisation for agent oriented development

The problem of conceptualisation is the first step towards the identication of the functional requirements of a system. This article proposes two extensions of well-known object oriented techniques: UER (User-Environment-Responsibility) technique and enhanced CRC (Class-ResponsibilityCollaboration) cards. UER technique consists of (a) looking for the users of systems and describing the ways the system is used; (b) looking for the objects of the environment and describing the possible interactions; and (c) looking for the general requirements or goals of the system, the actions that it should carry out without explicit interaction. The enhanced CRC cards together with the internal use cases technique is used for dening collaborations between agents. These techniques can be easily integrated in UML (Unied Modelling Language) [2], dening the new notation symbols as stereotypes

Sistema de detección de intrusiones con mantenimiento asistido de bases de datos de ataques mediante aprendizaje automático

Los sistemas de detecci´on de intrusiones (o IDS, del ingl´es Intrusion Detection System) tienen como fin la detecci´on de ataques en redes de comunicaciones. Como tales, constituyen un elemento de inter´es en la provisi´on de seguridad en gesti´on de redes ante la asunci´on de existencia de agujeros de seguridad en los sistemas hardware y software. Por otro lado, existen sistemas de detecci´on de intrusiones de c´odigo abierto basados en reglas, cuya principal desventaja consiste en el esfuerzo t´ecnico de matenimiento de la base de datos de reglas. En este documento se analizan las t´ecnicas m´as utilizadas en sistemas de detecci´on de intrusiones y se reutilizan sistemas de intrusiones basados en reglas para proponer un sistema de detecci´on de intrusiones con mantenimiento asistido de bases de datos de ataques mediante aprendizaje autom´atico

A Knowledge-Based System for the Validation of the Deployment of Software Units

Today, many business applications are developed following SOA principles. One of the activities required for their implementation is deployment, a complex process that usually is done by hand, being necessary to develop new tools to facilitate it. This article proposes a knowledge-based system that validates the deployment of software units on a particular environment, before executing them. The system is based on an information model and has been implemented with Drools 5.0 and as a OSGi bundle to be integrated into a deployment and configuration architecture

Sistemas basado en reglas para la validación del despliegue de servicios

El despliegue de servicios es una tarea compleja, al depender de múltiples factores que pueden variaren el tiempo, que se realiza normalmente de forma manual. En este artículo se propone emplear un sistema de validación de planes de despliegue, implementado a través de un sistema basado en reglas, para asegurar que las acciones del despliegue a realizar son adecuadas al estado del entorno sobre el que se desea actuar. Dicho sistema se encuentra integrado dentro de un gestor de cambios de entorno y basado en su modelo de información

Systems in Engineering Education: account of an experience

Systems Engineering (SE in the following) has not received much attention as a subject matter in engineering curricula. There are several dozens of universities around the world offering programs (most of them at the graduate level) on systems science and engineering. However, SE is, per se, rarely found among the courses offered by engineering schools. This observation does not strictly mean that systems concepts be left apart. For example, it is usual to find specialized courses for systems of some particular classes (e.g., courses on software systems engineering for computing curricula) or for particular phases of the system life cycle (e.g., courses on systems analysis). Even so, these kinds of courses tend to over-emphasize the importance of specific methodologies and, in consequence, to deviate the attention from the realm of systernnes

Microservices: Lightweight Service Descriptions for REST Architectural Style

Current web has a vast number of applications available that offer users a wide domain of services. Most services, however, cannot be machine processed, which limits service composition for application and mash up development. Research on Semantic Web Services contributes to the improvement of interoperability and composition of applications and services. Many approaches cover service description by following paradigms such as Web Services and REST architectural style, allowing describing any kind of service for its use by an automatic agent, but sometimes using these solutions can be a time-consuming task. This paper introduces Micro services, a lightweight service classification framework for REST architectural style. Microservices do not attempt to describe every possible service, but to provide a way to describe a set of services in a simple way. Microservice descriptions consist of a set of terms that represent service features. After describing features semantically, microservices framework allows generating detailed servicedescriptions, which allows reusing common feature descriptions across different services. A use case that adapts heterogeneous search services to produce a standard interface using microservices is describe

A Metadirectory of Web Components for Mashup Composition

Because of the growing availability of third-party APIs, services, widgets and any other reusable web component, mashup developers now face a vast amount of candidate components for their developments. Moreover, these components quite often are scattered in many different repositories and web sites, which makes difficult their selection or discovery. In this paper, we discuss the problem of component selection in Service-Oriented Architectures (SOA) and Mashup-Driven Development, and introduce the Linked Mashups Ontology (LiMOn), a model that allows describing mashups and their components for integrating and sharing mashup information such as categorization or dependencies. The model has allowed the building of an integrated, centralized metadirectory of web components for query and selection, which has served to evaluate the model. The metadirectory allows accessing various heterogeneous repositories of mashups and web components while using external information from the Linked Data cloud, helping mashup development

A Vocabulary for the Modelling of Image search Microservices

In order to take advantage of the services that are available on the Web, several approaches that allow describing services have been proposed. With them, developers can publish service descriptions, allowing services to be automatically executed and composed. However, in most cases, the service description task is not carried out, partly because it is a time-consuming task. This has caused initiatives such as WSMO lite, SA-REST,hRESTS or Microservices, that try to reduce complexity in services, to appear. Also, an increasing number of web applications have followed the Linked Data initiative and publish information that is machine processable thanks to Semantic Web technologies such as RDF. However, sometimes direct access to information requires the usage of search forms and, in other cases, spidering techniques such as focused crawling in order to aggregate and filter data. Automatic execution of search services would improve access to information in the web by enabling agents to automatically aggregate, filter and directly access data. In this paper, it is presented how the Microservices framework can provide a feature-based vocabulary for the description of image search services. Microservices framework is a light weight service description frame work that takes feature-oriented and aspect-oriented programming ideas to service description. The article illustrate show this vocabulary can characterise a set of popular search services, such as Google Images or Flickr. In addition, the article describes how this vocabulary can be used for the development of new services, such as ameta searcher that aggregates results from various search service

Analysis and design of multiagent systems using MAS-CommonKADS

This article proposes an agent-oriented methodology called MAS-CommonKADS and develops a case study. This methodology extends the knowledge engineering methodology CommonKADSwith techniquesfrom objectoriented and protocol engineering methodologies. The methodology consists of the development of seven models: Agent Model, that describes the characteristics of each agent; Task Model, that describes the tasks that the agents carry out; Expertise Model, that describes the knowledge needed by the agents to achieve their goals; Organisation Model, that describes the structural relationships between agents (software agents and/or human agents); Coordination Model, that describes the dynamic relationships between software agents; Communication Model, that describes the dynamic relationships between human agents and their respective personal assistant software agents; and Design Model, that refines the previous models and determines the most suitable agent architecture for each agent, and the requirements of the agent network