A Multi-agent System for Computer Network Security Monitoring

  • Agnieszka Prusiewicz
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4953)


Because network security diagnosis is a complex problem, it requires effective mechanisms that cope not only with the sheer volume of knowledge but also with its incompleteness and inconsistency. A multi-agent approach is therefore a suitable solution for network security systems. This paper presents a multi-agent system for computer network security monitoring. It proposes an overall architecture that includes the agents' knowledge representation, knowledge management and behavior specification.


Intrusion detection, multi-agent approach, DDoS attack





Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Agnieszka Prusiewicz (1)
  1. Institute of Information Science & Engineering, Wrocław University of Technology, Poland
