Intrusion detection systems (IDS) are security tools designed to monitor computer systems for suspicious events. To reduce the risk of intrusion, which is one of the threats to computer security, a team of researchers at UC3M have unveiled a multi-agent system that identifies suspicious events and autonomously determines whether or not any action should be taken. According to Professor Agustin Orfila of the Department of Informatics of the UC3M, both these are desirable features in an IDS.
At present, Spain lags behind in advancing investigations in multi-agent architectures for IDS compared to other countries. According to the investigator, the innovation behind the study is the use of deliberative agents that can adapt to the surroundings they are confronted with, and consider their past success in an independent manner to decide whether or not they should respond when facing a suspect event. This is achieved by using a “quantitative model that weighs the loss that an intrusion would provoke against the cost of taking responsive action”, Professor Orfila indicates. In this way, the IDS multi-agent determines the best system configuration for each scenario and decides if a response is appropriate, quantifying to what extent IDS supports the calculated decision. One of the most common intrusions attacks are the “port scan attack” (searching for open ports), denial-of-service attack, achieving unrestricted access to the target computer and triying to acces a computer remotely.
Farewell to intrusions
According to the National Institute of Standards and Technologies of the United States, “Intrusion detection is the process of detecting unauthorized use of, or attack upon, a computer or network. IDSs are software or hardware systems that detect such misuse.” Professor Orfila adds that an agent should be imparted with capabilities such as reactivity, sociability, self-initiative, adaptation, mobility, with a final result of representing a person. “In this way, the IDS multi-agent architecture allows us to distribute the detection load and better co-ordinate the process, with the consequence of accomplishing a more efficient detection”, explains the professor.
Security administrators would be the ideal users for the system because “it would allow them to quantify the value that the IDS attaches to its decisions and moreover, it would indicate how to adequately tune the IDS to its environment”, states Professor Orfila. Nevertheless, in order to implement its use, he adds, the IDS would have to be adapted to the traffic of the real network, the system would require to be trained for the concrete surroundings and the functionality would have to be evaluated in this real environment.
This study, published in the magazine Computer Communication under the title “Autonomous decision on intrusion detection with trained BDI agents”, has been developed by Agustín Orfila, Javier Carbó and Arturo Ribagorda, of the Grupo de Seguridad de las Tecnologías de la Información y las Comunicaciones and the Grupo de Inteligencia Artificial Aplicada of the Departamento de Informática of the UC3M.
Oficina de Información Científic | alfa
Cutting edge research for the industries of tomorrow – DFKI and NICT expand cooperation
21.03.2017 | Deutsches Forschungszentrum für Künstliche Intelligenz GmbH, DFKI
Molecular motor-powered biocomputers
20.03.2017 | Technische Universität Dresden
Astronomers from Bonn and Tautenburg in Thuringia (Germany) used the 100-m radio telescope at Effelsberg to observe several galaxy clusters. At the edges of these large accumulations of dark matter, stellar systems (galaxies), hot gas, and charged particles, they found magnetic fields that are exceptionally ordered over distances of many million light years. This makes them the most extended magnetic fields in the universe known so far.
The results will be published on March 22 in the journal „Astronomy & Astrophysics“.
Galaxy clusters are the largest gravitationally bound structures in the universe. With a typical extent of about 10 million light years, i.e. 100 times the...
Researchers at the Goethe University Frankfurt, together with partners from the University of Tübingen in Germany and Queen Mary University as well as Francis Crick Institute from London (UK) have developed a novel technology to decipher the secret ubiquitin code.
Ubiquitin is a small protein that can be linked to other cellular proteins, thereby controlling and modulating their functions. The attachment occurs in many...
In the eternal search for next generation high-efficiency solar cells and LEDs, scientists at Los Alamos National Laboratory and their partners are creating...
Silicon nanosheets are thin, two-dimensional layers with exceptional optoelectronic properties very similar to those of graphene. Albeit, the nanosheets are less stable. Now researchers at the Technical University of Munich (TUM) have, for the first time ever, produced a composite material combining silicon nanosheets and a polymer that is both UV-resistant and easy to process. This brings the scientists a significant step closer to industrial applications like flexible displays and photosensors.
Silicon nanosheets are thin, two-dimensional layers with exceptional optoelectronic properties very similar to those of graphene. Albeit, the nanosheets are...
Enzymes behave differently in a test tube compared with the molecular scrum of a living cell. Chemists from the University of Basel have now been able to simulate these confined natural conditions in artificial vesicles for the first time. As reported in the academic journal Small, the results are offering better insight into the development of nanoreactors and artificial organelles.
Enzymes behave differently in a test tube compared with the molecular scrum of a living cell. Chemists from the University of Basel have now been able to...
20.03.2017 | Event News
14.03.2017 | Event News
07.03.2017 | Event News
24.03.2017 | Earth Sciences
24.03.2017 | Health and Medicine
24.03.2017 | Earth Sciences