Volume 1, Issue 3, August 2008, Pages 215 - 224
Attack Pattern Analysis Framework for a Multiagent Intrusion Detection System
Authors
Krzysztof Juszczyszyn, Grzegorz Kolaczek
Corresponding Author
Grzegorz Kolaczek
Received 16 January 2008, Revised 30 June 2008, Available Online 1 August 2008.
- DOI
- 10.2991/ijcis.2008.1.3.3
- Keywords
- ontology, intrusion detection, agent systems, traffic analysis.
- Abstract
The paper proposes the use of an attack pattern ontology and a formal framework for network traffic anomaly detection within a distributed multi-agent Intrusion Detection System architecture. Our framework assumes ontology-based attack definition and a distributed processing scheme with exchange of messages between agents. The role of traffic anomaly detection is presented, and it is then discussed how some specific values characterizing network communication can be used to detect network anomalies caused by security incidents (worm attack, virus spreading). Finally, it is defined how to use the proposed techniques in a distributed IDS using the attack pattern ontology.
- Copyright
- © 2008, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - JOUR
AU - Krzysztof Juszczyszyn
AU - Grzegorz Kolaczek
PY - 2008
DA - 2008/08/01
TI - Attack Pattern Analysis Framework for a Multiagent Intrusion Detection System
JO - International Journal of Computational Intelligence Systems
SP - 215
EP - 224
VL - 1
IS - 3
SN - 1875-6883
UR - https://doi.org/10.2991/ijcis.2008.1.3.3
DO - 10.2991/ijcis.2008.1.3.3
ID - Juszczyszyn2008
ER -