• DocumentCode
    173039
  • Title

    Intelligent architecture based on MAS and CBR for intrusion detection

  • Author

    El Ajjouri, Mohssine ; Benhadou, Siham ; Medromi, Hicham

  • Author_Institution
    Archit. Syst. Team ENSEM, Hassan II Univ., Casablanca, Morocco
  • fYear
    2014
  • fDate
    12-13 May 2014
  • Firstpage
    1
  • Lastpage
    4
  • Abstract
    The agents used in the intrusion detection architectures have multiple characteristics namely delegation, cooperation and communication. However, an important property of agents: learning is not used. The concept of learning in existing IDSs used in general to learn the normal behavior of the system to secure. For this, normal profiles are built in a dedicated training phase, these profiles are then compared with the current activity. Thus, the IDS does not have the ability to detect new attacks. We propose in this paper, a new architecture based intrusion MAS adding a learning feature abnormal behaviors that correspond to new attack patterns detection. Thanks to this feature to update the knowledge base of attacks take place when a new plan of attack is discovered. To learn a new attack, the architecture must detect at first and then update the basic attack patterns. For the detection step, the detection approach adopted is based on the technique of Case-Based Reasoning (CBR). Thus, the proposed architecture is based on a hierarchical and distributed strategy where features are structured and separated into layers.
  • Keywords
    case-based reasoning; learning (artificial intelligence); multi-agent systems; security of data; CBR; IDS; MAS; attack patterns detection; case-based reasoning; communication characteristic; cooperation characteristic; delegation characteristic; intelligent architecture; intrusion detection; learning concept; learning feature; multi-agent systems; Cognition; Computer architecture; Databases; Educational institutions; Intrusion detection; Monitoring; Agent; Case-Based Reasoning; Intrusion Detection; Keys Words; Learning; Multi-Agent System; Network; Plan of Attack; Security;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Security Days (JNS4), Proceedings of the 4th Edition of National
  • Conference_Location
    Tetuan
  • Print_ISBN
    978-1-4799-5586-2
  • Type

    conf

  • DOI
    10.1109/JNS4.2014.6850123
  • Filename
    6850123