A Distributed Multi-Agent Architecture for Computer Security Situational Awareness
Abstract
Distributed systems for computer security analysis must perform information fusion in order to construct a cyberspace situational awareness picture. To date, such fusion has been conducted in the context of a single abstraction set. As the complexity and heterogeneity increase, this approach becomes unwieldy. In a conceptual sense it is unscalable. In this paper we describe an alternative approach, an architecture which supports concurrent reasoning in multiple sets of abstractions in a structured way. We present the architecture and a reasoning system for cyberspace situational awareness constructed using our approach.
Similar resources
The DEFACTO System: Coordinating Human-Agent Teams for the Future of Disaster Response
Enabling effective interactions between agent teams and humans for disaster response is a critical area of research, with encouraging progress in the past few years. However, previous work suffers from two key limitations: (i) limited human situational awareness, reducing human effectiveness in directing agent teams and (ii) the agent team’s rigid interaction strategies that limit team performa...
Dynamic configuration and collaborative scheduling in supply chains based on scalable multi-agent architecture
Due to diversified and frequently changing demands from customers, technological advances and global competition, manufacturers rely on collaboration with their business partners to share costs, risks and expertise. How to take advantage of advancement of technologies to effectively support operations and create competitive advantage is critical for manufacturers to survive. To respond to these...
The Future of Disaster Response: Humans Working with Multiagent Teams using DEFACTO
When addressing terrorist threats we must give special attention to both prevention and disaster response. Enabling effective interactions between agent teams and humans for disaster response is a critical area of research, with encouraging progress in the past few years. However, previous work suffers from two key limitations: (i) limited human situational awareness, reducing human effectivene...
NetSecRadar: A Visualization System for Network Security Situational Awareness
Situational awareness is defined as the ability to effectively determine an overall computer network status based on relationships between security events in multiple dimensions. Unfortunately, due to the lack of tools to synthetically analyze the security logs generated by various kinds of network security products, such as NetFlow, Firewall and Host Security, it is difficult to monitor and perceive netwo...
Dangers in Multiagent Rescue using DEFACTO
Enabling interactions of agent-teams and humans for safe and effective Multiagent rescue is a critical area of research, with encouraging progress in the past few years. However, previous work suffers from three key limitations: (i) limited human situational awareness, reducing human effectiveness in directing agent teams, (ii) the agent team’s rigid interaction strategies that jeopardize the r...