VMSoar: a cognitive agent for network security

نویسندگان

  • David P. Benjamin
  • Ranjita Shankar-Iyer
  • Archana Perumal
چکیده

VMSoar is a cognitive network security agent designed for both network configuration and long-term security management. It performs automatic vulnerability assessments by exploring a configuration’s weaknesses and also performs network intrusion detection. VMSoar is built on the Soar cognitive architecture, and benefits from the general cognitive abilities of Soar, including learning from experience, the ability to solve a wide range of complex problems, and use of natural language to interact with humans. The approach used by VMSoar is very different from that taken by other vulnerability assessment or intrusion detection systems. VMSoar performs vulnerability assessments by using VMWare to create a virtual copy of the target machine then attacking the simulated machine with a wide assortment of exploits. VMSoar uses this same ability to perform intrusion detection. When trying to understand a sequence of network packets, VMSoar uses VMWare to make a virtual copy of the local portion of the network and then attempts to generate the observed packets on the simulated network by performing various exploits. This approach is initially slow, but Soar’s learning ability significantly speeds up both vulnerability assessment and intrusion detection with experience. This paper describes the design and implementation of VMSoar, and initial experiments.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

ارائه مدلی جهت استفاده ازعاملهای متحرک در سیستم های تشخیص نفوذ توزیع شده مبتنی بر تئوری بازی

The proposed framework applies two game theoretic models for economic deployment of intrusion detection system (IDS). The first scheme models and analyzes the interaction behaviors of between an attacker and intrusion detection agent within a non-cooperative game, and then the security risk value is derived from the mixed strategy Nash equilibrium. The second scheme uses the security risk value...

متن کامل

Parla: A Cooperation Language for Cognitive Multi-Agent Systems

One of the main goals of Distributed Artiicial Intelligence is to devise methods to join a community of Computational Agents into a Multi-Agent System, where these agents can cooperate to reach common goals. Cooperation in a Cognitive Agent community is usually supported by an Agent Communication Language (ACL) which allows the agents to exchange knowledge and information through a computer net...

متن کامل

Development of a Unique Biometric-based Cryptographic Key Generation with Repeatability using Brain Signals

Network security is very important when sending confidential data through the network. Cryptography is the science of hiding information, and a combination of cryptography solutions with cognitive science starts a new branch called cognitive cryptography that guarantee the confidentiality and integrity of the data. Brain signals as a biometric indicator can convert to a binary code which can be...

متن کامل

On the Robustness of Cognitive Networking Mechanisms to Malicious Insiders

Cognitive networking mechanisms promise to greatly improve network performance over non~cognitive mechanisms, by making more efficient nse of bandwidth, spectrum, and power. However, these mechanisms must be designed v,'ilh cyber security in mind in order to rem~lin efficient in lhe presence of subverted, adversarial participants. In t.his paper, we demonstrate the susceptibility of two speciEc...

متن کامل

Static Security Constrained Generation Scheduling Using Sensitivity Characteristics of Neural Network

This paper proposes a novel approach for generation scheduling using sensitivitycharacteristic of a Security Analyzer Neural Network (SANN) for improving static securityof power system. In this paper, the potential overloading at the post contingency steadystateassociated with each line outage is proposed as a security index which is used forevaluation and enhancement of system static security....

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2005