Abstract
Much current research in Intrusion Detection and Intrusion Response seeks new solutions to counter new intrusive behaviors. One of the principal weaknesses of these systems is the lack of robustness inherent in their centralized nature. Even though most existing Intrusion Detection and Response Systems (IDRSystems) use distributed data collection (host-based or network-based), many of them continue to perform data analysis centrally, thereby limiting scalability. Moreover, even if the IDRSystem is distributed in the network, its deployed elements generally remain static. With the means available to modern attackers, such as automated intrusion tools, these static and distributed elements are easily accessible. This often does not help to improve the reliability and attack resistance of such static components.
This paper presents our approach to building an IDRSystem called Intrusion Detection and Response extended with Agent Mobility, or IDReAM for short. IDReAM combines Mobile Agents (MAs) with self-organizing paradigms inspired by natural life systems. This approach was announced in a preceding paper [4]; the present paper describes the conceptual model in more detail. All the research work relating to IDReAM is gathered in a PhD thesis [3], which also contains the implementation results of the model and its evaluation. The present paper is limited to the model.
References
Di Caro, G., Dorigo, M.: Ant colonies for adaptive routing in packet-switched communications networks. IRIDIA Université Libre de Bruxelles, Belgium (1998)
Forrest, S., Hofmeyr, S., Somayaji, A., Longstaff, T.: A sense of self for unix processes. In: Proceedings of the 1996 IEEE Symposium on Research in Security and Privacy Context Related (1996)
Foukia, N.: IDReAM: Intrusion Detection Executed with Agent Mobility - A Distributed Approach Inspired from Natural Life Systems. PhD thesis. University of Geneva (2004)
Foukia, N., Hassas, S.: Managing computer networks security through self-organization - a complex system perspective. In: Proceedings of the First International Workshop on Engineering Self-Organising Applications (ESOA), Melbourne, Australia (July 14-15, 2003)
Foukia, N., Hassas, S., Fenet, S., Hulaas, J.: An intrusion response scheme: Tracking the alert source using stigmergy paradigm. In: SEMAS 2002, Bologna - Italy (July 2002)
Grassé, P.P.: La reconstruction du nid et les interactions inter-individuelles chez les Bellicositermes natalensis et Cubitermes, la théorie de la stigmergie - essai d’interprétation des termites constructeurs. Insectes Sociaux (6), 41–81 (1959)
Hofmeyr, S.A., Forrest, S.: Immunity by design: An artificial immune system. In: Proceedings of the Genetic and Evolutionary Computation Conference (GECCO). Morgan Kaufmann, San Francisco (1999)
J-Seal2, http://www.coco.co.at/development/
Kleinstein, S.H., Seiden, P.E.: Simulating the immune system. Computing in Science and Engineering, 69–77 (July 2000)
Martinoli, A.: Swarm Intelligence in Autonomous Collective Robotics: From Tools to the Analysis and Synthesis of Distributed Collective Strategies. PhD thesis, EPFL, Lausanne, Switzerland (1999)
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Foukia, N. (2005). IDReAM: Intrusion Detection and Response Executed with Agent Mobility. In: Brueckner, S.A., Di Marzo Serugendo, G., Karageorgos, A., Nagpal, R. (eds) Engineering Self-Organising Systems. ESOA 2004. Lecture Notes in Computer Science, vol 3464. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11494676_15
DOI: https://doi.org/10.1007/11494676_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-26180-3
Online ISBN: 978-3-540-31901-6
eBook Packages: Computer Science (R0)