A Multi Agent System for Flow-Based Intrusion Detection Using Reputation and Evolutionary Computation Contributor(s): Hancock, David L. (Author) |
|
![]() |
ISBN: 1249586658 ISBN-13: 9781249586654 Publisher: Biblioscholar OUR PRICE: $55.05 Product Type: Paperback Published: October 2012 |
Additional Information |
BISAC Categories: - Education |
Physical Information: 0.39" H x 7.44" W x 9.69" (0.74 lbs) 182 pages |
Descriptions, Reviews, Etc. |
Publisher Description: The rising sophistication of cyber threats as well as the improvement of physical computer network properties present increasing challenges to contemporary Intrusion Detection (ID) techniques. To respond to these challenges, a multi agent system (MAS) coupled with flow-based ID techniques may effectively complement traditional ID systems. This paper develops: 1) a scalable software architecture for a new, self-organized, multi agent, flow-based ID system; and 2) a network simulation environment suitable for evaluating implementations of this MAS architecture and for other research purposes. Self-organization is achieved via 1) a "reputation" system that influences agent mobility in the search for effective vantage points in the network; and 2) multi objective evolutionary algorithms that seek effective operational parameter values. This paper illustrates, through quantitative and qualitative evaluation, 1) the conditions for which the reputation system provides a significant benefit; and 2) essential functionality of a complex network simulation environment supporting a broad range of malicious activity scenarios. These results establish an optimistic outlook for further research in flow-based multi agent systems for ID in computer networks. |