Multi-agent Framework for Simulation of Adaptive Cooperative Defense Against Internet Attacks

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNAI, volume 4476)

Abstract

The paper proposes a framework for investigating prospective adaptive and cooperative defense mechanisms against Internet attacks. The suggested approach is based on multi-agent modeling and simulation. In this approach, the defense and attack systems are represented as interacting teams of intelligent agents that act under some adaptation criterion. They adjust their configuration and behavior according to the network conditions and the attack (defense) severity. The paper presents the architecture and software implementation of a simulation environment that combines discrete-event simulation, a multi-agent approach and packet-level simulation of various Internet protocols. The environment makes it possible to simulate complex attack and defense scenarios. The paper describes experiments aimed at investigating adaptive “Distributed Denial of Service” attacks and defense mechanisms.

Editor information

Vladimir Gorodetsky, Chengqi Zhang, Victor A. Skormin, Longbing Cao

Copyright information

© 2007 Springer Berlin Heidelberg

About this paper

Cite this paper

Kotenko, I., Ulanov, A. (2007). Multi-agent Framework for Simulation of Adaptive Cooperative Defense Against Internet Attacks. In: Gorodetsky, V., Zhang, C., Skormin, V.A., Cao, L. (eds) Autonomous Intelligent Systems: Multi-Agents and Data Mining. AIS-ADM 2007. Lecture Notes in Computer Science, vol 4476. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72839-9_18

  • DOI: https://doi.org/10.1007/978-3-540-72839-9_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-72838-2

  • Online ISBN: 978-3-540-72839-9

  • eBook Packages: Computer Science, Computer Science (R0)
