Advertisement

Approaching Real-Time Intrusion Detection through MOVICAB-IDS

  • Martí Navarro
  • Álvaro Herrero
  • Emilio Corchado
  • Vicente Julián
Part of the Advances in Intelligent and Soft Computing book series (AINSC, volume 73)

Abstract

This paper presents an extension of MOVICAB-IDS, a Hybrid Intelligent Intrusion Detection System characterized by incorporating temporal control to enable real-time processing and response. The original formulation of MOVICAB-IDS combines artificial neural networks and case-based reasoning within a multiagent system to perform Intrusion Detection in dynamic computer networks. The contribution of the anytime algorithm, one of the most promising to adapt Artificial Intelligent techniques to real-time requirements; is comprehensively presented in this work.

Keywords

Multiagent Systems Hybrid Artificial Intelligent Systems Computer Network Security Intrusion Detection Temporal Constraints Time Bounded Deliberative Process 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abraham, A., Jain, R., Thomas, J., Han, S.Y.: D-SCIDS: Distributed Soft Computing Intrusion Detection System. Journal of Network and Computer Applications 30(1), 81–98 (2007)CrossRefGoogle Scholar
  2. 2.
    Herrero, Á., Corchado, E.: Mining Network Traffic Data for Attacks through MOVICAB-IDS. In: Foundations of Computational Intelligence. Studies in Computational Intelligence, vol. 4, pp. 377–394. Springer, Heidelberg (2009)Google Scholar
  3. 3.
    Corchado, E., Herrero, Á.: Neural Visualization of Network Traffic Data for Intrusion Detection. Applied Soft Computing (Accepted with changes) (2010)Google Scholar
  4. 4.
    Wooldridge, M., Jennings, N. R.: Agent theories, architectures, and languages: A survey. Intelligent Agents (1995)Google Scholar
  5. 5.
    Aamodt, A., Plaza, E.: Case-Based Reasoning - Foundational Issues, Methodological Variations, and System Approaches. AI Communications 7(1), 39–59 (1994)Google Scholar
  6. 6.
    Carrascosa, C., Bajo, J., Julián, V., Corchado, J.M., Botti, V.: Hybrid Multi-agent Architecture as a Real-Time Problem-Solving Model. Expert Systems with Applications: An International Journal 34(1), 2–17 (2008)CrossRefGoogle Scholar
  7. 7.
    Corchado, E., Fyfe, C.: Connectionist Techniques for the Identification and Suppression of Interfering Underlying Factors. International Journal of Pattern Recognition and Artificial Intelligence 17(8), 1447–1466 (2003)CrossRefGoogle Scholar
  8. 8.
    Dean, T., Boddy, M.: An Analysis of Time-dependent Planning. In: 7th National Conference on Artificial Intelligence (1988)Google Scholar
  9. 9.
    Garvey, A., Lesser, V.: A Survey of Research in Deliberative Real-time Artificial Intelligence. Real-Time Systems 6(3), 317–347 (1994)CrossRefGoogle Scholar
  10. 10.
    Hayes-Roth, B., Washington, R., Ash, D., Collinot, A., Vina, A., Seiver, A.: Guardian: A Prototype Intensive-care Monitoring Agent. Artificial Intelligence in Medicine 4, 165–185 (1992)CrossRefGoogle Scholar
  11. 11.
    Howe, A.E., Hart, D.M., Cohen, P.R.: Addressing Real-time Constraints in the Design of Autonomous Agents. Real-Time Systems 2(1), 81–97 (1990)CrossRefGoogle Scholar
  12. 12.
    Musliner, D.J., Durfee, E.H., Shin, K.G.: CIRCA: A Cooperative Intelligent Real-time Control Architecture. IEEE Transactions on Systems, Man, and Cybernetics 23(6), 1561–1574 (1993)CrossRefGoogle Scholar
  13. 13.
    Kopetz, H.: Real-time Systems: Design Principles for Distributed Embedded Applications. Kluwer Academic Publishers, Dordrecht (1997)zbMATHGoogle Scholar
  14. 14.
    Babu, S., Subramanian, L., Widom, J.: A Data Stream Management System for Network Traffic Management. In: Workshop on Network-Related Data Management, NRDM 2001 (2001)Google Scholar
  15. 15.
    Herrero, Á., Corchado, E.: Traffic Data Preparation for a Hybrid Network IDS. In: Corchado, E., Abraham, A., Pedrycz, W. (eds.) HAIS 2008. LNCS (LNAI), vol. 5271, pp. 247–256. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  16. 16.
    Dreger, H., Feldmann, A., Paxson, V., Sommer, R.: Operational Experiences with High-Volume Network Intrusion Detection. In: 11th ACM Conference on Computer and Communications Security. ACM Press, New York (2004)Google Scholar
  17. 17.
    Zambonelli, F., Jennings, N.R., Wooldridge, M.: Developing Multiagent Systems: the Gaia Methodology. ACM Transactions on Software Engineering and Methodology 12(3), 317–370 (2003)CrossRefGoogle Scholar
  18. 18.
    Wooldridge, M., Jennings, N.R., Kinny, D.: The Gaia Methodology for Agent-Oriented Analysis and Design. Autonomous Agents and Multi-Agent Systems 3(3), 285–312 (2000)CrossRefGoogle Scholar
  19. 19.
    Pellicer, M.A., Corchado, J.M.: Development of CBR-BDI Agents. International Journal of Computer Science and Applications 2(1), 25–32 (2005)Google Scholar
  20. 20.
    Bajo, J., Corchado, J., Rodríguez, S.: Intelligent Guidance and Suggestions Using Case-Based Planning. In: Weber, R.O., Richter, M.M. (eds.) ICCBR 2007. LNCS (LNAI), vol. 4626, pp. 389–403. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  21. 21.
    Hammond, K.J.: Case-based Planning: Viewing Planning as a Memory Task. Academic Press Professional, Inc., London (1989)Google Scholar
  22. 22.
    Spalzzi, L.: A Survey on Case-Based Planning. Artificial Intelligence Review 16(1), 3–36 (2001)CrossRefGoogle Scholar
  23. 23.
    Dean, T., Boddy, M.S.: An Analysis of Time-Dependent Planning. In: 7th National Conference on Artificial Intelligence (1988)Google Scholar
  24. 24.
    Navarro, M., Heras, S., Julián, V.: Guidelines to Apply CBR in Real-Time Multi-Agent Systems. Journal of Physical Agents 3(3), 39–43 (2009)Google Scholar
  25. 25.
    Case, J., Fedor, M.S., Schoffstall, M.L., Davin, C.: Simple Network Management Protocol (SNMP). IETF RFC 1157 (1990)Google Scholar
  26. 26.
    Corchado, E., Herrero, Á., Sáiz, J.M.: Detecting Compounded Anomalous SNMP Situations Using Cooperative Unsupervised Pattern Recognition. In: Duch, W., Kacprzyk, J., Oja, E., Zadrozny, S. (eds.) ICANN 2005. LNCS, vol. 3697, pp. 905–910. Springer, Heidelberg (2005)Google Scholar
  27. 27.
    Corchado, E., Herrero, Á., Sáiz, J.M.: Testing CAB-IDS Through Mutations: On the Identification of Network Scans. In: Gabrys, B., Howlett, R.J., Jain, L.C. (eds.) KES 2006. LNCS (LNAI), vol. 4252, pp. 433–441. Springer, Heidelberg (2006)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Martí Navarro
    • 1
  • Álvaro Herrero
    • 2
  • Emilio Corchado
    • 3
  • Vicente Julián
    • 1
  1. 1.Departamento de Sistemas Informáticos y ComputaciónUniversidad Politécnica de ValenciaValenciaSpain
  2. 2.Civil Engineering DepartmentUniversity of BurgosBurgosSpain
  3. 3.Departamento de Informática y AutomáticaUniversidad de SalamancaSalamancaSpain

Personalised recommendations