DocumentCode
173039
Title
Intelligent architecture based on MAS and CBR for intrusion detection
Author
El Ajjouri, Mohssine ; Benhadou, Siham ; Medromi, Hicham
Author_Institution
Archit. Syst. Team ENSEM, Hassan II Univ., Casablanca, Morocco
fYear
2014
fDate
12-13 May 2014
Firstpage
1
Lastpage
4
Abstract
The agents used in the intrusion detection architectures have multiple characteristics namely delegation, cooperation and communication. However, an important property of agents: learning is not used. The concept of learning in existing IDSs used in general to learn the normal behavior of the system to secure. For this, normal profiles are built in a dedicated training phase, these profiles are then compared with the current activity. Thus, the IDS does not have the ability to detect new attacks. We propose in this paper, a new architecture based intrusion MAS adding a learning feature abnormal behaviors that correspond to new attack patterns detection. Thanks to this feature to update the knowledge base of attacks take place when a new plan of attack is discovered. To learn a new attack, the architecture must detect at first and then update the basic attack patterns. For the detection step, the detection approach adopted is based on the technique of Case-Based Reasoning (CBR). Thus, the proposed architecture is based on a hierarchical and distributed strategy where features are structured and separated into layers.
Keywords
case-based reasoning; learning (artificial intelligence); multi-agent systems; security of data; CBR; IDS; MAS; attack patterns detection; case-based reasoning; communication characteristic; cooperation characteristic; delegation characteristic; intelligent architecture; intrusion detection; learning concept; learning feature; multi-agent systems; Cognition; Computer architecture; Databases; Educational institutions; Intrusion detection; Monitoring; Agent; Case-Based Reasoning; Intrusion Detection; Keys Words; Learning; Multi-Agent System; Network; Plan of Attack; Security;
fLanguage
English
Publisher
ieee
Conference_Titel
Security Days (JNS4), Proceedings of the 4th Edition of National
Conference_Location
Tetuan
Print_ISBN
978-1-4799-5586-2
Type
conf
DOI
10.1109/JNS4.2014.6850123
Filename
6850123
Link To Document