An Immune Inspired Behavior-based Multi- Agent Model for Detecting Network Clients’ Misbehavior
نویسندگان
چکیده
Most of the intrusion detection systems are unable to detect behavior-based intrusions such as Stuxnet, because of their absolute view of the intrusion. There are some legitimate behaviors which their subsequences cause intrusions. In this paper, a multi-agent model inspired by the human immune system has been proposed whose autonomous agents have a conditional view towards intrusion concept. The first level of the intrusion detection in this model has been implemented in clients' side on the anomaly detection. Furthermore, by agent migration to the server, the final detection about the intrusion is fulfilled by server’s agents in second level. In this level, an intrusion probability is measured in a Bayesian network based on the subsequence of functions and system calls which has been invoked in the client. This value shows the occurrence probability of this subsequence in an intrusion. Therefore, the false negative error probability will be decreased.
منابع مشابه
A Biologically-Inspired Type-2 Fuzzy Set Based Algorithm for Detecting Misbehaving Nodes in Ad-Hoc Wireless Networks
Implementation of routing protocols in mobile adhoc networks relies on efficient node cooperation. However, node misbehavior is a common phenomenon, thus, ad-hoc networks are subject to packet dropping, packet modification, packet misrouting, selfish node behavior, and so on. In this paper, a biologically-inspired type-2 fuzzy set recognition algorithm for detecting misbehaving nodes in an ad-h...
متن کاملResearch on Application of Mobile Agent Based on Immune Algorithms in Ad Hoc Network
Ad Hoc network is a kind of multi hop, self-organizing wireless network without center. Each node in network can be used as host as well as router and it can form any network topology through wireless connections. Because of characteristics of itself, many new service items and application fields appear; meanwhile, it is also faced with many new security threats. Using immune agent can perceive...
متن کاملA Hybrid Approach for Misbehavior Detection in Wireless Ad-Hoc Networks
In wireless ad-hoc networks, the participating wireless stations use a routing protocol called as Dynamic Source Routing (DSR). Such networks are highly vulnerable to (packet) routing misbehavior which is generally due to malware, faulty or compromised stations. For such networks, the traditional way of implementing firewalls at switches, routers or gateways and encryption software are not suff...
متن کاملAn Artificial Immune System for Misbehavior Detection in Mobile Ad-Hoc Networks with Virtual Thymus, Clustering, Danger Signal, and Memory Detectors
Nodes that build a mobile ad-hoc network participate in a common routing protocol in order to provide multi-hop radio communication. Routing defines how control information is exchanged between nodes in order to find the paths between communication pairs, and how data packets are relayed. Such networks are vulnerable to routing misbehavior, due to faulty, selfish or malicious nodes. Misbehavior...
متن کاملImpact of Misbehaviour and its Detection in Ad-hoc Wireless Sensor Networks using AIS
Characteristic for ad-hoc wireless sensor networks is the lack of a centralized control. Instead each node serves as a routing device, which is able to forward packets to its neighbors1 and receive packets from them. Node movement is allowed, but rare for sensor nodes. Each node is able to be switched on and off at any time depending on its power saving configuration. Such networks are extremel...
متن کامل