RT-MOVICAB-IDS: Addressing real-time intrusion detection

Cited by: 30
Authors
Herrero, Alvaro [2]
Navarro, Marti [3]
Corchado, Emilio [1]
Julian, Vicente [3]
Affiliations
[1] Univ Salamanca, Dept Informat & Automat, E-37008 Salamanca, Spain
[2] Univ Burgos, Dept Civil Engn, Burgos 09006, Spain
[3] Univ Politecn Valencia, Dept Sistemas Informat & Computac, Valencia 46022, Spain
Source
FUTURE GENERATION COMPUTER SYSTEMS-THE INTERNATIONAL JOURNAL OF ESCIENCE | 2013 / Vol. 29 / Issue 01
Keywords
Hybrid Artificial Intelligent Systems; Unsupervised learning; Artificial Neural Networks; Multi-Agent systems; Case-based reasoning; Computer network security; Intrusion detection; Time-bounded deliberative process; NETWORK TRAFFIC DATA; VISUAL ANALYSIS; DATA STREAMS; AGENT; VISUALIZATION; DESIGN; SYSTEM; ARCHITECTURE;
DOI
10.1016/j.future.2010.12.017
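Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
080201 [Mechanical Manufacturing and Automation];
Abstract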
This study presents a novel Hybrid Intelligent Intrusion Detection System (IDS) known as RT-MOVICAB-IDS that incorporates temporal control. One of its main goals is to facilitate real-time Intrusion Detection, as accurate and swift responses are crucial in this field, especially if automatic abortion mechanisms are running. The formulation of this hybrid IDS combines Artificial Neural Networks (ANN) and Case-Based Reasoning (CBR) within a Multi-Agent System (MAS) to detect intrusions in dynamic computer networks. Temporal restrictions are imposed on this IDS, in order to perform real/execution time processing and assure system response predictability. Therefore, a dynamic real-time multi-agent architecture for IDS is proposed in this study, allowing the addition of predictable agents (both reactive and deliberative). In particular, two of the deliberative agents deployed in this system incorporate temporal-bounded CBR. This upgraded CBR is based on an anytime approximation, which allows the adaptation of this Artificial Intelligence paradigm to real-time requirements. Experimental results using real data sets are presented which validate the performance of this novel hybrid IDS. (C) 2011 Elsevier B.V. All rights reserved.
Pages: 250 / 261
Number of pages: 12