File(s) under permanent embargo
Ontology-based knowledge representation for a P2P multi-agent distributed intrusion detection system
Many research efforts on application of ontology in network security have been done in the past decade. However, they mostly stop at initial proposal or focus on framework design without detailed representation of intrusion or attack and relevant detection knowledge with ontology. In this paper, the design and implementation of Ontology-Based Knowledge Representation for a Peer-to-Peer Multi-Agent Distributed Intrusion Detection System (Ontology-Based MADIDS) are introduced. An example which demonstrates the representation of an attack with ontology and the relevant detection process is also presented. In Ontology-Based MADIDS, ontology technique enables peers in the system and agents in one peer to share common understanding of information. In addition, benefited from agent technology and P2P architecture, agents in Ontology-Based MADIDS not only detect attacks on a single host but also in a distributed domain. These features make the Ontology-Based MADIDS more flexible and robust.
History
Publication title
Proceedings of the 2008 IFIP International Conference on Network and Parallel ComputingPagination
111-118ISBN
9780769533544Department/School
School of Information and Communication TechnologyPublisher
Institute of Electrical and Electronics EngineersPlace of publication
United StatesEvent title
2008 IFIP International Conference on Network and Parallel ComputingEvent Venue
Shanghai, ChinaDate of Event (Start Date)
2008-10-18Date of Event (End Date)
2008-10-21Rights statement
Copyright 2008 IEEERepository Status
- Restricted