Abstract
As a security infrastructure, Intrusion Detection Systems (IDSs) have evolved significantly since their inception. Most existing IDSs are plagued by various drawbacks, e.g., excessive generation of false alerts and low efficiency, especially when they face distributed attacks. In this respect, various new intelligent techniques have been used to improve the intrusion detection process. This paper introduces a novel intelligent IDS that integrates the desirable features of the multi-agent methodology with the benefits of semantic relations. The experiments carried out showed the efficiency of our distributed IDS, which sharply outperforms other systems on real traffic and a set of simulated attacks.
Notes
- 1. Available at: http://xstream.codehaus.org/.
- 2. An attack signature is a known attack method that exploits system vulnerabilities and causes a security problem [2].
- 3. Available at: http://jade.tilab.com.
- 4. Available at: http://netresearch.ics.uci.edu/kfujii/jpcap/doc/.
- 5. Available at: http://protege.stanford.edu/download/download.html.
- 6. Available at: http://www.fipa.org.
- 7. TCP Connect Scan is a scan method in which the operating system is used to initiate a TCP connection to a remote device. It makes it possible to determine whether a port is available.
- 8. We thank Mrs. Djotio et al. [4] for providing us with the implementation of the MONI system.
- 9. Available at: http://www.metasploit.com/.
References
- 1. Abdoli, F., Kahani, M.: Ontology-based distributed intrusion detection system. In: Proceedings of the 14th International CSI Computer Conference CSICC 2009, Tehran, Iran, pp. 65–70 (2009)
- 2. Brahmi, I., Ben Yahia, S., Aouadi, H., Poncelet, P.: Towards a multiagent-based distributed intrusion detection system using data mining approaches. In: Cao, L., Bazzan, A.L.C., Symeonidis, A.L., Gorodetsky, V.I., Weiss, G., Yu, P.S. (eds.) ADMI 2011. LNCS, vol. 7103, pp. 173–194. Springer, Heidelberg (2012)
- 3. Brahmkstri, K., Thomas, D., Sawant, S.T., Jadhav, A., Kshirsagar, D.D.: Ontology based multi-agent intrusion detection system for web service attacks using self learning. In: Meghanathan, N., Nagamalai, D., Rajasekaran, S. (eds.) Networks and Communications (NetCom2013), pp. 265–274. Springer, New York (2014)
- 4. Djotio, T.N., Tangha, C., Tchangoue, F.N., Batchakui, B.: MONI: Mobile agents ontology based for network intrusions management. Int. J. Adv. Media Commun. 2(3), 288–307 (2008)
- 5. Horrocks, I., Patel-Schneider, P.F., Boley, H., Tabet, S., Grosof, B., Dean, M.: SWRL: A Semantic Web Rule Language Combining OWL and RuleML (2004). http://www.w3.org/Submission/SWRL/
- 6. Isaza, G.A., Castillo, A.G., López, M., Castillo, L.F.: Towards ontology-based intelligent model for intrusion detection and prevention. J. Inf. Assur. Secur. 5, 376–383 (2010)
- 7. Mandujano, S., Galvan, A., Nolazco, J.A.: An ontology-based multiagent approach to outbound intrusion detection. In: Proceedings of the International Conference on Computer Systems and Applications, AICCSA 2005, Cairo, Egypt, pp. 94-I (2005)
- 8. Roesch, M.: Snort - lightweight intrusion detection system for networks. In: Proceedings of the 13th USENIX Conference on System Administration (LISA 1999), Seattle, Washington, pp. 229–238 (1999)
- 9. Undercoffer, J., Joshi, A., Pinkston, J.: Modeling computer attacks: an ontology for intrusion detection. In: Vigna, G., Kruegel, C., Jonsson, E. (eds.) RAID 2003. LNCS, vol. 2820, pp. 113–135. Springer, Heidelberg (2003)
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Brahmi, I., Brahmi, H. (2015). OMAIDS: A Multi-agents Intrusion Detection System Based Ontology. In: Jackowski, K., Burduk, R., Walkowiak, K., Wozniak, M., Yin, H. (eds) Intelligent Data Engineering and Automated Learning – IDEAL 2015. IDEAL 2015. Lecture Notes in Computer Science, vol 9375. Springer, Cham. https://doi.org/10.1007/978-3-319-24834-9_19
DOI: https://doi.org/10.1007/978-3-319-24834-9_19
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24833-2
Online ISBN: 978-3-319-24834-9
eBook Packages: Computer Science, Computer Science (R0)