Accession Number : ADA540167


Title :   A Multi Agent System for Flow-Based Intrusion Detection Using Reputation and Evolutionary Computation


Descriptive Note : Master's thesis


Corporate Author : AIR FORCE INST OF TECH WRIGHT-PATTERSON AFB OH SCHOOL OF ENGINEERING AND MANAGEMENT


Personal Author(s) : Hancock, David


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a540167.pdf


Report Date : Mar 2011


Pagination or Media Count : 179


Abstract : The rising sophistication of cyber threats as well as the improvement of physical computer network properties present increasing challenges to contemporary Intrusion Detection (ID) techniques. To respond to these challenges, a multi agent system (MAS) coupled with flow-based ID techniques may effectively complement traditional ID systems. This paper develops: 1) a scalable software architecture for a new, self-organized, multi agent, flow-based ID system; and 2) a network simulation environment suitable for evaluating implementations of this MAS architecture and for other research purposes. Self-organization is achieved via 1) a reputation system that influences agent mobility in the search for effective vantage points in the network; and 2) multi objective evolutionary algorithms that seek effective operational parameter values. This paper illustrates, through quantitative and qualitative evaluation, 1) the conditions for which the reputation system provides a significant benefit; and 2) essential functionality of a complex network simulation environment supporting a broad range of malicious activity scenarios. These results establish an optimistic outlook for further research in flow-based multi agent systems for ID in computer networks.


Descriptors :   *COMPUTER NETWORKS , *FLOW , *INTRUSION DETECTION , SIMULATION , MOBILITY , COMPUTATIONS , THREATS , PARAMETERS , COMPUTER ARCHITECTURE , PARALLEL PROCESSING , SCENARIOS , ALGORITHMS , TEST AND EVALUATION , NETWORKS


Subject Categories : Computer Systems Management and Standards


Distribution Statement : APPROVED FOR PUBLIC RELEASE