{"title":"Multisensor Agent Based Intrusion Detection","authors":"Richard A. Wasniowski","volume":5,"journal":"International Journal of Computer and Information Engineering","pagesStart":1465,"pagesEnd":1469,"ISSN":"1307-6892","URL":"https:\/\/publications.waset.org\/pdf\/2889","abstract":"In this paper we propose a framework for\r\nmultisensor intrusion detection called Fuzzy Agent-Based Intrusion\r\nDetection System. A unique feature of this model is that the agent\r\nuses data from multiple sensors and the fuzzy logic to process log\r\nfiles. Use of this feature reduces the overhead in a distributed\r\nintrusion detection system. We have developed an agent\r\ncommunication architecture that provides a prototype\r\nimplementation. This paper discusses also the issues of combining\r\nintelligent agent technology with the intrusion detection domain.","references":"[1] S. Axelsson. \"Intrusion Detection Systems: A Taxonomy and Survey.\"\r\nTechnical Report No 99-15, Dept of Computer Engineering, Chalmers\r\nUniversity of Technology, Sweden, March 2000\r\n[2] Russell, S. J. & Norvig, P. (1995). Artificial Intelligence\u2014A modern\r\napproach. Upper Saddle River, NJ: Prentice Hall Inc.\r\n[3] W. Jansen, P. Mell, T. Karygiannis, and D. Marks. \"Applying mobile\r\nagents to intrusion detection and response.\" NISTIR-6416, September\r\n1999\r\n[4] Young-Gyun Kim, M. Valtorta, and J. Vomlel. \"A Prototypical System\r\nfor Soft Evidential Update.\" USC CSCE TR2002-005, Department of\r\nComputer Science and Engineering, University of South Carolina,\r\nColumbia, 2002.\r\n[5] Steffen L. Lauritzen and David J. Spiegelhalter. \"Local Computations\r\nwith Probabilities on Graphical Structures and their Application to\r\nExpert Systems.\" Journal of the Royal Statistical Society, Series B, 50\r\n(1988), 2, pp.157-224.\r\n[6] W. Lee and S.J. Stolfo. \"Data Mining Approaches for Intrusion\r\nDetection.\" In Proc. 
of the 7th USENIX Security Symp, San Antonio,\r\nTX, 1998, pp.79-94\r\n[7] M. Meneganti, F.S. Saviello, and R. Tagliaferri. \"Fuzzy Neural\r\nNetworks for Classification and Detection of Anomalies.\" IEEE Trans.\r\nOn Neural Networks, 9\/5, 1998, pp. 848-861\r\n[8] S. Northcutt, Network Intrusion Detection: An Analyst's Handbook,\r\nNew Riders, 1999\r\n[9] J. Moy. OSPF version 2. Internet Draft, RFC-2178, July 1997\r\n[10] Judea Pearl. Probabilistic Reasoning in Intelligent Systems: Networks\r\nof Plausible Inference. Morgan-Kaufmann, 1988.\r\n[11] Studer, R., Benjamins, V. R., Fensel, D. (1998). Knowledge\r\nEngineering: Principles and Methods. Data Knowledge Engineering, 25\r\n(1-2).\r\n[12] Marco Valtorta, Young-Gyun Kim, and Jir\u00ed Vomlel. \"Soft Evidential\r\nUpdate for Probabilistic Multiagent Systems.\" International Journal of\r\nApproximate Reasoning, 29, 1 (January 2002), pp.71-106.\r\n[13] A. Valdes and K. Skinner. \"Adaptive, Model-Based Monitoring for\r\nCyber Attack Detection.\" In Proc. RAID, 2000, pp. 80-92\r\n[14] Wasniowski RA, Agent Based Design Methodology, RAW-TR-00-12\r\n[15] Wasniowski RA, Intrusion Detection System with Fuzzy Logic Agent,\r\nRAW-TR-01-09\r\n[16] Wooldridge, M., and Jennings, N. (1995) \"Intelligent Agents: Theory\r\nand Practice,\" Knowledge Engineering Review, Vol. 10, No. 2.\r\n[17] J. Allen, A. Christie, W. Fithen, J. McHugh, J. Pickle, and E. Stoner.\r\nState of the practice of intrusion detection technologies. Technical\r\nReport CMU\/SEI-99-TR-028, Software Engineering Institute, Carnegie\r\nMellon University, January 2000.\r\n[18] T. Bass. Intrusion Detection Systems and Multisensor Data Fusion.\r\nCommunications of the ACM, 43(4):99-105, April 2000.\r\n[19] T. Bass, Alfredo Freyre, David Gruber, and Glenn Watt. EMail Bombs\r\nand Countermeasures: Cyber Attacks on Availability and Brand\r\nIntegrity. IEEE Network, pages 10-17, March\/April 1998.\r\n[20] J. Baras, A. Cardenas, and V. Ramezani. 
On-line Detection of\r\nDistributed Attacks from Space-time Network Flow Patterns. In\r\nProceedings of 24th Army Science Conference, November, 2004.\r\n[21] K.C. Chang, R.K. Saha and Y. Bar-Shalom, On optimal track-to-track\r\nfusion. IEEE Transactions on Aerospace and Electronic Systems 33 4\r\n(1997).\r\n[22] H. Chen, T. Kirubarajan, Y. Bar-Shalom, Comparison of Centralized and\r\nDistributed Tracking Algorithms Using Air to Air Scenarios, in: Signal\r\nand Data Processing of Small Targets 2000, Proceedings of SPIE Vol.\r\n4048, 2000, pp. 440-451\r\n[23] Y. Bar-Shalom, Performance Limits of Track-to-Track Fusion versus\r\nCentralized Estimation: Theory and Application, in: Fourth ONR\/GTRI\r\nWorkshop on Target Tracking and Sensor Fusion, May 2001, Monterey,\r\nCA.\r\n[24] S. Coraluppi, C. Carthel, M. Mallick, Hierarchical Multi-Hypothesis\r\nTracking with Application to Multi-Scale Sensor Data, to appear in:\r\nProceedings of the 2002 IEEE Aerospace Conference, March 2002, Big\r\nSky MT, USA\r\n[25] M. M. Mizushima, SnortMart, a Network Intrusion Detection System\r\nData Mart, graduate senior project, CSUDH 2005.\r\n[26] Kun-chan Lan, Alefiya Hussain, Debojyoti Dutta, Effect of Malicious\r\nTraffic on the Network, presented at PAM2003, the Passive and Active\r\nMeasurement Workshop, April 6-8, 2003, La Jolla, CA, USA","publisher":"World Academy of Science, Engineering and Technology","index":"Open Science Index 5, 2007"}