A Security Determination-Reaction Architecture for Heterogeneous Distributed Network
Keywords:
Security Policy, decision system, reaction, Distributed networks, bayesian networkAbstract
The main focus of this paper is to provide a global architectural solution built on the requirements for a reaction after alert detection mechanisms in the frame of Information Systems Security and more particularly applied to telecom infrastructures security. These infrastructures are distributed in nature, therefore the targeted architecture is developed in a distributed perspective and the architecture is elaborated using the multi-agent system. The Multi-Agent System decision-reaction architecture is developed in a distributed perspective and is composed of three basic layers: low level, intermediate level and high level. The low level aim to be the interface between the main architecture and the targeted infrastructure. The intermediate level is responsible of correlating the alerts coming from different domains of the infrastructure and to deploy smartly the reaction actions.This intermediate level is elaborated using multi-agents system that provide the advantages of autonomous and interaction facilities.The high level permits to have a supervision view of the whole infrastructure, and to manage business policy definition.The proposed approach has been successfully experimented for data access control mechanism.The proposed approach has been illustrated based on the network architecture for heterogeneous mobile computing developed by the BARWAN project .Accordingly: The Building Area constitutes the low level. The Campus –Area is the intermediate level. It takes care about the alerts coming from different domains and deploy the reaction actions smartly.The multi-agent system that has been associated to the OntoBayes model for decision support mechanism.This model helps agents to make decisions according to preference values and is built upon ontology based knowledge sharing , bayesian networks based uncertainity management and influence diagram based decision support.
References
A. Cuevas, P. Serrano, J. I. Moreno, C. J. Bernardos, J. Jähnert, R. L. Aguiar, V. Marques, Usability and Evaluation of a Deployed 4G Network Prototype, Journal of Communications and Networks, Vol. 7 (2), 2008.
Teo, Joseph Chee Ming; Tan, Chik How; Ng, Jim Mee, Denial-ofservice attack resilience dynamic group key agreement for heterogeneous networks, Telecommun. Syst. 35, No. 3-4, 141-160 (2007).
L. J. LaPadula. State of the Art in Anomaly Detection and Reaction Technical Report MP 99B0000020, Mitre, July 1999.
G.L.F. Santos, Z. Abdelouahab, R.A. Dias, C.F.L. Lima, E. Nascimento , E.M. Cochra. An Automated Response Approach for Intrusion Detection Security Enhancement, Software Engineering and Applications, 2003.
M. Petkac and L. Badger, Security agility in response to intrusion detection in 16th Annual Conference on Computer Security Applications (ACSAC `00), 2000.
C. Feltus, D. Khadraoui, B. de Rémont and A.Rifaut, Business Gouvernance based Policy regulation for Security Incident Response. IEEE Global Infrastructure Symposium, 6 July 2007.
Gateau, D. Khadraoui, C. Feltus, Multi-Agents System Service based Platform in Telecommunication Security Incident Reaction, IEEE Global Information Infrastructure Symposium, 2009.
N. Damianou, N. Dulay, E. Lupu, M. Sloman , The Ponder Policy Specification Language, Workshop on Policies for Distributed Systems and Networks (Policy2001), HP Labs Bristol, 29-31. Springer-Verlag.
Bertino, E., Mileo, A., and Provetti, A. 2005. PDL with Preferences. IEEE international Workshop on Policies For Distributed Systems and Networks, Policy 2005 – Vol. 00, IEEE Computer Society, Washington, DC, 213-222.
Aamodt, A., Plaza, E., 1994. Case-based reasoning: foundational issues, methodological variations, and system approaches. AI Communications IOS Press 7 (1), 39–59.
K.-Y. Lu, C.-C. Sy, A real-time decision-making of maintenance using fuzzy agent, Expert Systems with Applications, Volume 36, Issue 2, Part 2, March 2009, Pages 2691-2698
Carrascosa et al., 2006 C. Carrascosa, J. Bajo, V. Julian, J.M. Corchado and V. Botti, Hybrid multi-agent architecture as a real-time problem-solving model, Expert Systems with Applications 34 (2006), pp. 2–17.
Basile, C.; Lioy, A.; Perez, G. Martinez; C., F. J. Garcia; Skarmeta, A. F. Gomez, POSITIF: A Policy-Based Security Management System, Policies for Distributed Systems and Networks, 2007. POLICY’07, pp. 280 – 280.
Torrellas, G.A.S, Modelling a network security systems using multiagents systems engineering, IEEE International Conference on Systems, Man and Cybernetics, 2003. Vol 5, (5-8). 2003 pp 4268 - 4273.
R. Yu, B. Iung, H. Panetto, A multi-agents based E-maintenance system with case-based reasoning decision support, Engineering Applications of Artificial Intelligence, Vol. 16, Issue 4, June 2003, Pages 321-333
http://xml.coverpages.org/draft-seitz-netconf-xacml-00.txt
Cuppens, F., Cuppens-Boulahia, N., Miège, A.: Inheritance hierarchies in the Or-BAC Model ad application in a network environment. In: Second Foundations of Computer Security Workshop (FCS’04), Turku, Finland (2004).
F. Cuppens and A. Miège, Modelling contexts in the Or-BAC model, 19th Annual Computer Security Applications Conference, Las Vegas, December, 2003
IDMEF/RFC4765, Network Working Group: Hervé Debar, France Telecom; D. Curry, Guardian; B. Feinstein, SecureWorks, Inc.; March 2007
B. Gâteau. Modélisation et Supervision d`Institutions Multi-Agents. Ph.D. Thesis, Ecole Supérieure des Mines de Saint-Etienne, 2007.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.
