The Importance of Time in the Identification of Anomalous Situations by Means of MOVICAB-IDS
Publication date
Nature-Inspired Smart Information Systems NiSIS 2006 - 2nd Annual Symposium.
Intrusion Detection Systems (IDSs) are a part of the computer security infrastructure of most organizations. They are designed to detect suspect patterns by monitoring and analysing computer network events. Different areas of artificial intelligence, statistical and signature verification techniques have been applied in the field of IDSs. Additionally, visualization tools have been applied for intrusion detection, some of them providing visual measurements of network traffic. As described in previous works, MOVICAB-IDS (MObile VIsualization Cooperative Agent-Based IDS) is a bio-inspired tool based on the use of unsupervised Neural Networks (NN), and provides the network administrator with a snapshot of network traffic, protocol interactions and traffic volume. It offers a complete and more intuitive visualization of the network traffic by depicting each simple packet. To improve the accessibility of the system, the administrator may visualize the results on a mobile device (such as PDAs, mobile phones or embedded devices), enabling informed decisions to be taken anywhere and at any time. It is a combination of a connectionist model and a multiagent system enriched by a functional and mobile visualization. The viability and effectiveness of MOVICAB-IDS have been shown in previous works. This paper focuses on the importance of the time-information dependence in the identification of anomalous situations in the case of the proposed model. Several experiments show that the connectionist method on which MOVICAB-IDS is based (which had never been applied to the IDS and network security field before the beginning of this research) can highlight the evolution of packets over time. That is, MOVICAB-IDS identifies anomalous situations by taking into account the time-related dimension, among others, and by using unsupervised bio-inspired models.
- BISITE. Conferences