Efficient visualization of security events in a large agent society
نویسندگان
چکیده
The paper describes the design and development of an efficient visualization tool called security console for monitoring security related events in a large agent society (CougaarTM). This administrative tool is primarily used to collect and process alert messages generated by various sensors across the distributed agent society. This tool exploits the agents’ hierarchical structural for aggregating security events in order to discover correlation among them. In particular, it logically groups related alerts from raw messages (by removing duplicates, if any) and applies data mining techniques (like association rules and frequency episode learning), to discover situations that have certain characteristics in common. We performed extensive experimentation with the security console in various attack scenarios that generate large number of alert messages. Reported results exhibit that this alert monitoring and correlation tool can provide a profile of attack patterns which occur more frequently in the monitored agent society.
منابع مشابه
Mining security events in a distributed agent society
In distributed agent architecture, tasks are performed on multiple computers which are sometimes spread across different locations. While it is important to collect security critical sensory information from the agent society, it is equally important to analyze and report such security events in a precise and useful manner. Data mining techniques are found to be very efficient in the generation...
متن کاملAn efficient secure channel coding scheme based on polar codes
In this paper, we propose a new framework for joint encryption encoding scheme based on polar codes, namely efficient and secure joint secret key encryption channel coding scheme. The issue of using new coding structure, i.e. polar codes in Rao-Nam (RN) like schemes is addressed. Cryptanalysis methods show that the proposed scheme has an acceptable level of security with a relatively smaller ke...
متن کاملHybrid Multi Agent-Neural Network Intrusion Detection with Mobile Visualization
A multiagent system that incorporates an Artificial Neural Networks based Intrusion Detection System (IDS) has been defined to guaranty an efficient computer network security architecture. The proposed system facilitates the intrusion detection in dynamic networks. This paper presents the structure of the Mobile Visualization Connectionist Agent-Based IDS, more flexible and adaptable. The propo...
متن کاملAn administrative tool for monitoring a distributed agent society
The paper describes the design and implementation of a security administration tool, which can monitor a multiagent system (MAS). This is a web-based monitoring tool that enables the user to interact with a Cougaar-based agent society. It provides an interface to efficiently search and visualize security events and alert messages produced by active sensors and analyzers. The goal of this work i...
متن کاملA computational model and convergence theorem for rumor dissemination in social networks
The spread of rumors, which are known as unverified statements of uncertain origin, may threaten the society and it's controlling, is important for national security councils of countries. If it would be possible to identify factors affecting spreading a rumor (such as agents’ desires, trust network, etc.) then, this could be used to slow down or stop its spreading. Therefore, a computational m...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005