Intrusion detection systems (IDS) are security tools designed to monitor computer systems for suspicious events. To reduce the risk of intrusion, which is one of the threats to computer security, a team of researchers at UC3M have unveiled a multi-agent system that identifies suspicious events and autonomously determines whether or not any action should be taken. According to Professor Agustin Orfila of the Department of Informatics of the UC3M, both these are desirable features in an IDS.
At present, Spain lags behind in advancing investigations in multi-agent architectures for IDS compared to other countries. According to the investigator, the innovation behind the study is the use of deliberative agents that can adapt to the surroundings they are confronted with, and consider their past success in an independent manner to decide whether or not they should respond when facing a suspect event. This is achieved by using a “quantitative model that weighs the loss that an intrusion would provoke against the cost of taking responsive action”, Professor Orfila indicates. In this way, the IDS multi-agent determines the best system configuration for each scenario and decides if a response is appropriate, quantifying to what extent IDS supports the calculated decision. One of the most common intrusions attacks are the “port scan attack” (searching for open ports), denial-of-service attack, achieving unrestricted access to the target computer and triying to acces a computer remotely.
Farewell to intrusions
According to the National Institute of Standards and Technologies of the United States, “Intrusion detection is the process of detecting unauthorized use of, or attack upon, a computer or network. IDSs are software or hardware systems that detect such misuse.” Professor Orfila adds that an agent should be imparted with capabilities such as reactivity, sociability, self-initiative, adaptation, mobility, with a final result of representing a person. “In this way, the IDS multi-agent architecture allows us to distribute the detection load and better co-ordinate the process, with the consequence of accomplishing a more efficient detection”, explains the professor.
Security administrators would be the ideal users for the system because “it would allow them to quantify the value that the IDS attaches to its decisions and moreover, it would indicate how to adequately tune the IDS to its environment”, states Professor Orfila. Nevertheless, in order to implement its use, he adds, the IDS would have to be adapted to the traffic of the real network, the system would require to be trained for the concrete surroundings and the functionality would have to be evaluated in this real environment.
This study, published in the magazine Computer Communication under the title “Autonomous decision on intrusion detection with trained BDI agents”, has been developed by Agustín Orfila, Javier Carbó and Arturo Ribagorda, of the Grupo de Seguridad de las Tecnologías de la Información y las Comunicaciones and the Grupo de Inteligencia Artificial Aplicada of the Departamento de Informática of the UC3M.
Oficina de Información Científic | alfa
Putting food-safety detection in the hands of consumers
15.11.2018 | Massachusetts Institute of Technology
Next stop Morocco: EU partners test innovative space robotics technologies in the Sahara desert
09.11.2018 | Deutsches Forschungszentrum für Künstliche Intelligenz GmbH, DFKI
Researchers at the University of New Hampshire have captured a difficult-to-view singular event involving "magnetic reconnection"--the process by which sparse particles and energy around Earth collide producing a quick but mighty explosion--in the Earth's magnetotail, the magnetic environment that trails behind the planet.
Magnetic reconnection has remained a bit of a mystery to scientists. They know it exists and have documented the effects that the energy explosions can...
Biochips have been developed at TU Wien (Vienna), on which tissue can be produced and examined. This allows supplying the tissue with different substances in a very controlled way.
Cultivating human cells in the Petri dish is not a big challenge today. Producing artificial tissue, however, permeated by fine blood vessels, is a much more...
Faster and secure data communication: This is the goal of a new joint project involving physicists from the University of Würzburg. The German Federal Ministry of Education and Research funds the project with 14.8 million euro.
In our digital world data security and secure communication are becoming more and more important. Quantum communication is a promising approach to achieve...
On Saturday, 10 November 2018, the research icebreaker Polarstern will leave its homeport of Bremerhaven, bound for Cape Town, South Africa.
When choosing materials to make something, trade-offs need to be made between a host of properties, such as thickness, stiffness and weight. Depending on the application in question, finding just the right balance is the difference between success and failure
Now, a team of Penn Engineers has demonstrated a new material they call "nanocardboard," an ultrathin equivalent of corrugated paper cardboard. A square...
09.11.2018 | Event News
06.11.2018 | Event News
23.10.2018 | Event News
16.11.2018 | Health and Medicine
16.11.2018 | Life Sciences
16.11.2018 | Life Sciences