Autonomous decision on intrusion detection with trained BDI agents

Orfila, Agustin; Carbó, Javier; Ribagorda, Arturo

doi:10.1016/j.comcom.2007.11.018

Cited by 16 publications

(10 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In terms of the development of CIDN in IoT, there are several research that has been done in the scenario such as COLIDE [15]. Meanwhile, our agent-based modeling of the intrusion detection system was came from Orfila's research [16].…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Collaborative intrusion detection networks with multi-hop clustering for internet of things

Wahidah

Purwanto

Kurniawan

2021

IJECE

View full text Add to dashboard Cite

<p>Internet of things (IoT) is an emerging topic in so many aspects nowadays. The integration between devices and human itself is currently in large scale development. With the continuous applications of the IoT, the hidden problems such as security threats become one of the key considerations. Furthermore, limited power and computational capability of the devices in the system make it more challenging.Therefore, the needs of reliable and effective security system throughout the networks are highly needed. This research proposed a collaborative system based on JADE that consists of 3 types of agent, which are IoT server, controller, and node. Every agents will collaborate each other in terms of exchanging the intrusion detection results. The collaboration between the agents will provide more efficient and good performance. Four classification algorithms were used to model IDS functions. Then, the performance evaluation was done on the system with several parameters such as cost loss expectation, energy consumption, and metric of IDS efficiency. The result shows that the number of reports sent by IoT controller were decreased up to 80% while preserving the security aspect.</p>

show abstract

Section: Related Workmentioning

confidence: 99%

“…Our proposed system idea mainly came from Fung's [17] and Orfila's research [16]. Then we combine and adjust several parameters and scenario so that we can reach our goal.…”

Section: Related Workmentioning

confidence: 99%

Collaborative intrusion detection networks with multi-hop clustering for internet of things

Wahidah

Purwanto

Kurniawan

2021

IJECE

View full text Add to dashboard Cite

show abstract

“…Moreover, being lack of self-learning and self-adapting abilities, they can only prevent those known network intrusions, and can do nothing for those variety intrusions. Recent years, the artificial immune system has the features of dynamic, self-adaptation and diversity [3][4][5][6] that just meet the constraints derived from the characteristics of the grid environment, and mobile agent has many same appealing properties as that of artificial immune system. Negative Selection Algorithm and the concept of computer immunity proposed by Forrest in 1994 [7][8].…”

Section: Introductionmentioning

confidence: 99%

Multilevel Network Security Monitoring and Evaluation Model

Yang¹,

Liu²,

Peng³

et al. 2011

JSW

View full text Add to dashboard Cite

Based on the correspondence between the artificial immune system antibody and pathogen invasion intensity, this paper is to establish a real-time network risk evaluation model. According to the network intrusion own characteristics and the consequence from service, assets and attack, this paper design to build a hierarchical, quantitative measurement indicator system, and an unified evaluation information base and knowledge base. The paper also combines assets evaluation system and network integration evaluation system, considering from the application layer, the host layer, network layer may be factors that affect the network risks. The experimental results show that the new model improves the ability of intrusion detection and prevention than that of the traditional passive intrusion prevention systems

show abstract

“…Some research have been conducted in measuring and comparing the patch development process of vendors [18,31,23] and numerous studies have examined different approaches for evaluating NIDS effectiveness [33,19,28,29,15]. However, vulnerable time windows caused by delays in the updating process of signature-based NIDS have not been yet explored and quantified as a performance metric.…”

Section: A C C E P T E D Accepted Manuscriptmentioning

confidence: 99%

Analysis of update delays in signature-based network intrusion detection systems

Gascón

Orfila

Blasco

2011

Computers & Security

View full text Add to dashboard Cite

Network Intrusion Detection Systems (NIDS) play a fundamental role on security policy deployment and help organizations in protecting their assets from network attacks. Signature-based NIDS rely on a set of known patterns to match malicious traffic. Accordingly, they are unable to detect a specific attack until a specific signature for the corresponding vulnerability is created, tested, released and deployed. Although vital, the delay in the updating process of these systems has not been studied in depth. This paper presents a comprehensive statistical analysis of this delay in relation to the vulnerability disclosure time, the updates of vulnerability detection systems (VDS), the software patching releases and the publication of exploits. The widely deployed NIDS Snort and its detection signatures release dates have been used. Results show that signature updates are typically available later than software patching releases. Moreover, Snort rules are generally released within the first 100 days from the vulnerability disclosure and most of the times exploits and the corresponding NIDS rules are published with little difference. Implications of these results are drawn in the context of security policy definition. This study can be easily kept up to date due to the methodology used.

show abstract

Autonomous decision on intrusion detection with trained BDI agents

Cited by 16 publications

References 32 publications

Collaborative intrusion detection networks with multi-hop clustering for internet of things

Collaborative intrusion detection networks with multi-hop clustering for internet of things

Multilevel Network Security Monitoring and Evaluation Model

Analysis of update delays in signature-based network intrusion detection systems

Contact Info

Product

Resources

About