Volume 1, Issue 3, August 2008, Pages 215 - 224
Attack Pattern Analysis Framework for a Multiagent Intrusion Detection System
- Grzegorz Kolaczek, Krzysztof Juszczyszyn
- Corresponding Author
- Grzegorz Kolaczek
Available Online 25 August 2008.
- https://doi.org/10.2991/ijcis.2008.1.3.3How to use a DOI?
- ontology, intrusion detection, agent systems, traffic analysis.
- The paper proposes the use of attack pattern ontology and formal framework for network traffic anomalies detection within a distributed multi-agent Intrusion Detection System architecture. Our framework assumes ontology-based attack definition and distributed processing scheme with exchange of communicates between agents. The role of traffic anomalies detection was presented then it has been discussed how some specific values characterizing network communication can be used to detect network anomalies caused by security incidents (worm attack, virus spreading). Finally, it has been defined how to use the proposed techniques in distributed IDS using attack pattern ontology.
- Open Access
- This is an open access article distributed under the CC BY-NC license.
Cite this article
TY - JOUR AU - Grzegorz Kolaczek AU - Krzysztof Juszczyszyn PY - 2008 DA - 2008/08 TI - Attack Pattern Analysis Framework for a Multiagent Intrusion Detection System JO - International Journal of Computational Intelligence Systems SP - 215 EP - 224 VL - 1 IS - 3 SN - 1875-6883 UR - https://doi.org/10.2991/ijcis.2008.1.3.3 DO - https://doi.org/10.2991/ijcis.2008.1.3.3 ID - Kolaczek2008 ER -