OMAIDS: A Multi-agents Intrusion Detection System Based Ontology

  • Conference paper
Intelligent Data Engineering and Automated Learning – IDEAL 2015 (IDEAL 2015)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 9375)

Abstract

As a security infrastructure, Intrusion Detection Systems (IDSs) have evolved significantly since their inception. Generally, most existing IDSs are plagued with various drawbacks, e.g., excessive generation of false alerts, low efficiency, etc., especially when they face distributed attacks. In this respect, various new intelligent techniques have been used to improve the intrusion detection process. This paper introduces a novel intelligent IDS, which integrates the desirable features provided by the multi-agents methodology with the benefits of semantic relations. The experiments carried out showed the efficiency of our distributed IDS, which sharply outperforms other systems over real traffic and a set of simulated attacks.

Notes

  1. Available at: http://xstream.codehaus.org/.

  2. An attack signature is a known attack method that exploits the system vulnerabilities and causes a security problem [2].

  3. Available at: http://jade.tilab.com.

  4. Available at: http://netresearch.ics.uci.edu/kfujii/jpcap/doc/.

  5. Available at: http://protege.stanford.edu/download/download.html.

  6. Available at: http://www.fipa.org.

  7. TCP Connect Scan is a scan method used by the operating system to initiate a TCP connection to a remote device. It makes it possible to determine whether a port is available.

  8. We thank Mrs. Djotio et al. [4] for providing us with the implementation of the MONI system.

  9. Available at: http://www.metasploit.com/.

References

  1. Abdoli, F., Kahani, M.: Ontology-based distributed intrusion detection system. In: Proceedings of the 14th International CSI Computer Conference CSICC 2009, Tehran, Iran, pp. 65–70 (2009)

  2. Brahmi, I., Ben Yahia, S., Aouadi, H., Poncelet, P.: Towards a multiagent-based distributed intrusion detection system using data mining approaches. In: Cao, L., Bazzan, A.L.C., Symeonidis, A.L., Gorodetsky, V.I., Weiss, G., Yu, P.S. (eds.) ADMI 2011. LNCS, vol. 7103, pp. 173–194. Springer, Heidelberg (2012)

  3. Brahmkstri, K., Thomas, D., Sawant, S.T., Jadhav, A., Kshirsagar, D.D.: Ontology based multi-agent intrusion detection system for web service attacks using self learning. In: Meghanathan, N., Nagamalai, D., Rajasekaran, S. (eds.) Networks and Communications (NetCom2013), pp. 265–274. Springer, New York (2014)

  4. Djotio, T.N., Tangha, C., Tchangoue, F.N., Batchakui, B.: MONI: Mobile agents ontology based for network intrusions management. Int. J. Adv. Media Commun. 2(3), 288–307 (2008)

  5. Horrocks, I., Patel-Schneider, P.F., Boley, H., Tabet, S., Grosof, B., Dean, M.: SWRL: A Semantic Web Rule Language Combining OWL and RuleML (2004). http://www.w3.org/Submission/SWRL/

  6. Isaza, G.A., Castillo, A.G., López, M., Castillo, L.F.: Towards ontology-based intelligent model for intrusion detection and prevention. J. Inf. Assur. Secur. 5, 376–383 (2010)

  7. Mandujano, S., Galvan, A., Nolazco, J.A.: An ontology-based multiagent approach to outbound intrusion detection. In: Proceedings of the International Conference on Computer Systems and Applications, AICCSA 2005, Cairo, Egypt, pp. 94-I (2005)

  8. Roesch, M.: Snort - lightweight intrusion detection system for networks. In: Proceedings of the 13th USENIX Conference on System Administration (LISA 1999), Seattle, Washington, pp. 229–238 (1999)

  9. Undercoffer, J., Joshi, A., Pinkston, J.: Modeling computer attacks: an ontology for intrusion detection. In: Vigna, G., Kruegel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 113–135. Springer, Heidelberg (2003)

Author information

Corresponding author

Correspondence to Imen Brahmi.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Brahmi, I., Brahmi, H. (2015). OMAIDS: A Multi-agents Intrusion Detection System Based Ontology. In: Jackowski, K., Burduk, R., Walkowiak, K., Wozniak, M., Yin, H. (eds) Intelligent Data Engineering and Automated Learning – IDEAL 2015. IDEAL 2015. Lecture Notes in Computer Science, vol 9375. Springer, Cham. https://doi.org/10.1007/978-3-319-24834-9_19

  • DOI: https://doi.org/10.1007/978-3-319-24834-9_19

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-24833-2

  • Online ISBN: 978-3-319-24834-9

  • eBook Packages: Computer Science, Computer Science (R0)
