MULTI-AGENT SIMULATION OF ATTACKS AND DEFENSE MECHANISMS IN COMPUTER NETWORKS
DOI:
https://doi.org/10.47839/ijc.7.2.508
Keywords:
Cyber-attacks, cyber-defense, agents, simulation
Abstract
The paper considers an approach to investigating distributed cooperative cyber-defense mechanisms against attacks oriented on network infrastructure (Distributed Denial of Service, network worms, botnets, etc.). The approach is based on agent-based simulation of cyber-attacks and cyber-protection mechanisms, which combines discrete-event simulation, a multi-agent approach and packet-level simulation of network protocols. Various methods of counteracting cyber-attacks are explored by representing attack and defense components as agent teams in a software simulation environment that is under development. The teams of defense agents are able to cooperate as the defense system components of different organizations and Internet service providers (ISPs). The paper presents the common framework and implementation peculiarities of the simulation environment, as well as experiments aimed at investigating distributed network attacks and defense mechanisms.
License
International Journal of Computing is an open access journal. Authors who publish with this journal agree to the following terms:
• Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
• Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
• Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work.