The extensive access of network interaction has made present networks more responsive to earlier intrusions. In distributed network intrusions, there are many computing nodes that are assisted by intruders. The eviden...The extensive access of network interaction has made present networks more responsive to earlier intrusions. In distributed network intrusions, there are many computing nodes that are assisted by intruders. The evidence of intrusions is to be associated from all the held up nodes. From the last few years, mobile agent based technique in intrusion detection system (IDS) has been widely used to detect intrusion over distributed network. This paper presented survey of several existing mobile agent based intrusion detection system and comparative analysis report between them. Furthermore we have focused on each attribute of analysis, for example technique (NIDS, HIDS or Hybrid), behavior layer, detection techniques for analysis, uses of mobile agent and technology used by existing IDS, strength and issues. Their strengths and issues are situational wherever appropriate. We have observed that some of the existing techniques are used in IDS which causes low detection rate, behavior layers like TCP connection for packet capturing which is most important activity in NIDS and response time (technology execution time) with memory consumption by mobile agent as major issues.展开更多
Traditional Intrusion Detection System (IDS) based on hosts or networks no longer meets the security requirements in today's network environment due to the increasing complexity and distributivity. A multi-agent di...Traditional Intrusion Detection System (IDS) based on hosts or networks no longer meets the security requirements in today's network environment due to the increasing complexity and distributivity. A multi-agent distributed IDS model, enhanced with a method of computing its statistical values of performance is presented. This model can accomplish not only distributed information collection, but also distributed intrusion detection and real-time reaction. Owing to prompt reaction and openness, it can detect intrusion behavior of both known and unknown sources. According to preliminary tests, the accuracy ratio of intrusion detection is higher than 92% on the average.展开更多
The nature of adhoc networks makes them vulnerable to security attacks. Many security technologies such as intrusion prevention and intrusion detection are passive in response to intrusions in that their countermea- s...The nature of adhoc networks makes them vulnerable to security attacks. Many security technologies such as intrusion prevention and intrusion detection are passive in response to intrusions in that their countermea- sures are only to protect the networks, and there is no automated network-wide counteraction against detected intrusions, the architecture of cooperation intrusion response based multi-agent is propose. The architecture is composed of mobile agents. Monitor agent resides on every node and monitors its neighbor nodes. Decision agent collects information from monitor nodes and detects an intrusion by security policies. When an intruder is found in the architecture, the block agents will get to the neighbor nodes of the intruder and form the mobile firewall to isolate the intruder. In the end, we evaluate it by simulation.展开更多
通过考察国内外分布式移动入侵检测系统的发展现状,分析了目前基于MOB ILE AGENT(移动代理)的IDS应用所存在的安全问题,提出结合JAVA安全特性采用一种新型平台AGLETWORKBENCH开发MA IDS的技术研究.首先介绍了AGLET的基本知识,然后通过分...通过考察国内外分布式移动入侵检测系统的发展现状,分析了目前基于MOB ILE AGENT(移动代理)的IDS应用所存在的安全问题,提出结合JAVA安全特性采用一种新型平台AGLETWORKBENCH开发MA IDS的技术研究.首先介绍了AGLET的基本知识,然后通过分析AGLET的工作流程,从几个方面论述了用AGLET可以为MOB ILE AGENT展开更多
Deep Learning presents a critical capability to be geared into environments being constantly changed and ongoing learning dynamic,which is especially relevant in Network Intrusion Detection.In this paper,as enlightene...Deep Learning presents a critical capability to be geared into environments being constantly changed and ongoing learning dynamic,which is especially relevant in Network Intrusion Detection.In this paper,as enlightened by the theory of Deep Learning Neural Networks,Hierarchy Distributed-Agents Model for Network Risk Evaluation,a newly developed model,is proposed.The architecture taken on by the distributed-agents model are given,as well as the approach of analyzing network intrusion detection using Deep Learning,the mechanism of sharing hyper-parameters to improve the efficiency of learning is presented,and the hierarchical evaluative framework for Network Risk Evaluation of the proposed model is built.Furthermore,to examine the proposed model,a series of experiments were conducted in terms of NSLKDD datasets.The proposed model was able to differentiate between normal and abnormal network activities with an accuracy of 97.60%on NSL-KDD datasets.As the results acquired from the experiment indicate,the model developed in this paper is characterized by high-speed and high-accuracy processing which shall offer a preferable solution with regard to the Risk Evaluation in Network.展开更多
With the continuous use of cloud and distributed computing, the threats associated with data and information technology (IT) in such an environment have also increased. Thus, data security and data leakage prevention ...With the continuous use of cloud and distributed computing, the threats associated with data and information technology (IT) in such an environment have also increased. Thus, data security and data leakage prevention have become important in a distributed environment. In this aspect, mobile agent-based systems are one of the latest mechanisms to identify and prevent the intrusion and leakage of the data across the network. Thus, to tackle one or more of the several challenges on Mobile Agent-Based Information Leakage Prevention, this paper aim at providing a comprehensive, detailed, and systematic study of the Distribution Model for Mobile Agent-Based Information Leakage Prevention. This paper involves the review of papers selected from the journals which are published in 2009 and 2019. The critical review is presented for the distributed mobile agent-based intrusion detection systems in terms of their design analysis, techniques, and shortcomings. Initially, eighty-five papers were identified, but a paper selection process reduced the number of papers to thirteen important reviews.展开更多
文摘The extensive access of network interaction has made present networks more responsive to earlier intrusions. In distributed network intrusions, there are many computing nodes that are assisted by intruders. The evidence of intrusions is to be associated from all the held up nodes. From the last few years, mobile agent based technique in intrusion detection system (IDS) has been widely used to detect intrusion over distributed network. This paper presented survey of several existing mobile agent based intrusion detection system and comparative analysis report between them. Furthermore we have focused on each attribute of analysis, for example technique (NIDS, HIDS or Hybrid), behavior layer, detection techniques for analysis, uses of mobile agent and technology used by existing IDS, strength and issues. Their strengths and issues are situational wherever appropriate. We have observed that some of the existing techniques are used in IDS which causes low detection rate, behavior layers like TCP connection for packet capturing which is most important activity in NIDS and response time (technology execution time) with memory consumption by mobile agent as major issues.
基金Supported by the Key Program of Natural Science Foundation of China(050335020)
文摘Traditional Intrusion Detection System (IDS) based on hosts or networks no longer meets the security requirements in today's network environment due to the increasing complexity and distributivity. A multi-agent distributed IDS model, enhanced with a method of computing its statistical values of performance is presented. This model can accomplish not only distributed information collection, but also distributed intrusion detection and real-time reaction. Owing to prompt reaction and openness, it can detect intrusion behavior of both known and unknown sources. According to preliminary tests, the accuracy ratio of intrusion detection is higher than 92% on the average.
基金This project was supported by the National Natural Science Foundation of China (60672068)the National High Technology Development 863 Program of China (2006AA01Z436, 2007AA01Z452.)
文摘The nature of adhoc networks makes them vulnerable to security attacks. Many security technologies such as intrusion prevention and intrusion detection are passive in response to intrusions in that their countermea- sures are only to protect the networks, and there is no automated network-wide counteraction against detected intrusions, the architecture of cooperation intrusion response based multi-agent is propose. The architecture is composed of mobile agents. Monitor agent resides on every node and monitors its neighbor nodes. Decision agent collects information from monitor nodes and detects an intrusion by security policies. When an intruder is found in the architecture, the block agents will get to the neighbor nodes of the intruder and form the mobile firewall to isolate the intruder. In the end, we evaluate it by simulation.
文摘通过考察国内外分布式移动入侵检测系统的发展现状,分析了目前基于MOB ILE AGENT(移动代理)的IDS应用所存在的安全问题,提出结合JAVA安全特性采用一种新型平台AGLETWORKBENCH开发MA IDS的技术研究.首先介绍了AGLET的基本知识,然后通过分析AGLET的工作流程,从几个方面论述了用AGLET可以为MOB ILE AGENT
基金This work is supported by the National Key Research and Development Program of China under Grant 2016YFB0800600the Natural Science Foundation of China under Grant(No.61872254 and No.U1736212)+2 种基金the Fundamental Research Funds for the central Universities(No.YJ201727,No.A0920502051815-98)Academic and Technical Leaders’Training Support Fund of Sichuan Province(2016)the research projects of the Humanity and Social Science Youth Foundation of Ministry of Education(13YJCZH021).We want to convey our grateful appreciation to the corresponding author of this paper,Gang Liang,who has offered advice with huge values in all stages when writing this essay to us.
文摘Deep Learning presents a critical capability to be geared into environments being constantly changed and ongoing learning dynamic,which is especially relevant in Network Intrusion Detection.In this paper,as enlightened by the theory of Deep Learning Neural Networks,Hierarchy Distributed-Agents Model for Network Risk Evaluation,a newly developed model,is proposed.The architecture taken on by the distributed-agents model are given,as well as the approach of analyzing network intrusion detection using Deep Learning,the mechanism of sharing hyper-parameters to improve the efficiency of learning is presented,and the hierarchical evaluative framework for Network Risk Evaluation of the proposed model is built.Furthermore,to examine the proposed model,a series of experiments were conducted in terms of NSLKDD datasets.The proposed model was able to differentiate between normal and abnormal network activities with an accuracy of 97.60%on NSL-KDD datasets.As the results acquired from the experiment indicate,the model developed in this paper is characterized by high-speed and high-accuracy processing which shall offer a preferable solution with regard to the Risk Evaluation in Network.
文摘With the continuous use of cloud and distributed computing, the threats associated with data and information technology (IT) in such an environment have also increased. Thus, data security and data leakage prevention have become important in a distributed environment. In this aspect, mobile agent-based systems are one of the latest mechanisms to identify and prevent the intrusion and leakage of the data across the network. Thus, to tackle one or more of the several challenges on Mobile Agent-Based Information Leakage Prevention, this paper aim at providing a comprehensive, detailed, and systematic study of the Distribution Model for Mobile Agent-Based Information Leakage Prevention. This paper involves the review of papers selected from the journals which are published in 2009 and 2019. The critical review is presented for the distributed mobile agent-based intrusion detection systems in terms of their design analysis, techniques, and shortcomings. Initially, eighty-five papers were identified, but a paper selection process reduced the number of papers to thirteen important reviews.
