The document proposes a multi-agent system architecture for incident reaction in telecommunication networks. The architecture has three layers - low level at the network interface, intermediate level to correlate alerts, and high level with a global view. Agents represent components like alert correlation, reaction decision-making, and policy deployment. The reaction decision agent receives alerts and decides if a reaction is needed based on policies, organization knowledge, and specified behavior. It defines new policy rules for the reaction. The policy deployment agent instantiates and sends the new policies to policy enforcement points to change the network security state. A decision support system using ontologies, Bayesian networks, and influence diagrams helps the agents make decisions.
An analysis of security challenges in mobile ad hoc networks (csandit)
A Mobile Ad Hoc Network (MANET) is a collection of wireless mobile nodes with restricted transmission range and resources, no fixed infrastructure, and quick and easy setup. Because of these special characteristics, wide-spread deployment of MANET has faced many challenges such as security, routing and clustering. The security challenges arise due to MANET's self-configuration and self-maintenance capabilities. In this paper, we present an elaborate view of issues in MANET security. We discussed both security services and attacks in detail. Three important parameters in MANET security are defined. Each attack has been analysed briefly based on its own characteristics and behaviour. In addition, defeating approaches against attacks have been evaluated on some important metrics. After the analyses and evaluations, future scopes of work have been presented.
A Distributed Approach to Defend Web Service from DDoS Attacks (CSCJournals)
Most of the business applications on the Internet are dependent on web services for their transactions. Distributed denial of service (DDoS) attacks either degrade or completely disrupt web services by sending floods of packets and requests towards the victim web servers. An array of defense schemes has been proposed, but defending web services from DDoS attacks is still largely an unsolved problem so far. In this paper, DDoS defense schemes are classified into centralized and distributed, and their relative advantages and disadvantages are explored. An ISP-based distributed approach is a pragmatic solution to defend from DDoS attacks due to its autonomous control, more resources, and incremental scope. Traffic cluster entropy is conceptualized from source address entropy, and the combination is used to detect various types of DDoS attacks against the web service. A framework is proposed which can detect the attack, characterize attack sources, and filter the attack packets as early as possible so as to minimize the collateral damage.
This document proposes an optimized algorithm for securely integrating wireless sensor networks (WSNs) into enterprise information systems. It discusses the security requirements for WSNs, including data confidentiality, authenticity, integrity, availability, freshness, and robustness. It also analyzes threats to WSN security like spoofing, selective forwarding, sinkhole, Sybil, wormhole, and hello flood attacks. The document suggests using Internet of Things principles to authenticate sensor data senders independently of network location, improving security and efficiency.
EXPOSURE AND AVOIDANCE MECHANISM OF BLACK HOLE AND JAMMING ATTACK IN MOBILE A... (ijcseit)
A mobile ad hoc network (MANET) is an infrastructure-less/self-configurable system in which every node acts as host or router and every node can participate in the transmission of packets. Because of its dynamic behaviour, such a system is more susceptible to various sorts of security threats, for example Black hole, Wormhole, Jamming, Sybil, Byzantine attacks and so on, which may block the transmission of the system. Black hole and jamming attacks are two of them: a black hole node promotes itself as having the shortest or a new fresh route to the destination, while a jamming attack disrupts activity over the system. This paper presents a thorough literature study of both attacks by various researchers.
This document discusses communication in distributed systems. It begins with an introduction that describes how distributed computing will be central to many critical applications but also faces challenges around reliability and scalability. The document then covers communication protocols and architectures for distributed systems, including layered, object-based, data-centered, and event-based styles. It also discusses topics like reliability, communication in groups, and order of communication. The conclusion restates that the best architecture depends on application requirements and environment.
An effective approach for tackling network security problems is Intrusion detection systems (IDS). These kinds of systems play a key role in network security as they can detect different types of attacks in networks, including DoS, U2R, Probe and R2L. In addition, IDS are an increasingly key part of the system's defense. Various approaches to IDS are now being used, but are unfortunately relatively ineffective. Data mining techniques and artificial intelligence play an important role in security services. We will present a comparative study of three well-known intelligent algorithms in this paper. These are Radial Basis Functions (RBF), Multilayer Perceptrons (MLP) and Support Vector Machine (SVM). This work's main interest is to benchmark the performance of these 3 intelligent algorithms. This is done by using a dataset of about 9,000 connections, randomly chosen from KDD'99's 10% dataset. In addition, we investigate these algorithms' performance in terms of their attack classification accuracy. The simulation results are also analyzed and the discussion is then presented. It has been observed that SVM with a linear kernel (Linear-SVM) gives a better performance than MLP and RBF in terms of its detection accuracy and processing speed.
Metric for Evaluating Availability of an Information System: A Quantitative ... (IJNSA Journal)
The purpose of the paper is to present a metric for availability based on the design of the information system. The availability metric proposed in this paper is twofold, based on the operating program and the network delay metric of the information system (for the local-bound component composition the availability metric is purely based on the software/operating program; for the remote-bound component composition the metric incorporates the delay metric of the network). The aim of the paper is to present a quantitative availability metric derived from the component composition of an Information System, based on the dependencies among the individual measurable components of the system. The metric is used for measuring and evaluating the availability of an information system from the security perspective; the measurements may be done during the design phase or may also be done after the system is fully functional. The work in the paper provides a platform for further research regarding a quantitative security metric (based on the components of an information system, i.e. user, hardware, operating program and the network) for an information system that addresses all the attributes of information and network security.
This document discusses the need for adaptive and dynamic software development that can adjust to changing runtime environments and fault conditions. It argues that traditional static approaches to fault tolerance, like using fixed levels of redundancy, are inadequate as the threat environment may vary. The document then introduces an adaptive data integrity tool that allows the level of redundancy to change dynamically based on faults detected at runtime. This provides an example of the new approach called for, termed "New Software Development," that is more adaptive, maintainable and reconfigurable like New Product Development concepts.
MANET is a kind of Ad Hoc network with mobile, wireless nodes. Because of its special characteristics like dynamic topology, hop-by-hop communications and easy and quick setup, MANET has faced many challenges such as routing, security and clustering. The security challenges arise due to MANET's self-configuration and self-maintenance capabilities. In this paper, we present an elaborate view of issues in MANET security. Based on MANET's special characteristics, we define three security parameters for MANET. In addition, we divided MANET security into two different aspects and discussed each one in detail. A comprehensive analysis of security aspects of MANET and defeating approaches is presented. In addition, defeating approaches against attacks have been evaluated on some important metrics. After the analyses and evaluations, future scopes of work have been presented.
Host-based Security, by Dmitry Khlebnikov @ Secure Development Melbourne (Alec Sloman)
In this presentation, Dmitry Khlebnikov sets forward 6 broad principles for designing secure IT infrastructure, and provides a comprehensive overview of "Host-based Security".
Towards Evaluating the Robustness of Deep Intrusion Detection Models in Adver... (Sri Ram)
A Network Intrusion Detection System (NIDS) is a method that is utilized to categorize network traffic as malicious or normal. The anomaly-based method and the signature-based method are the traditional approaches used for network intrusion detection. The signature-based approach can only detect familiar attacks, whereas the anomaly-based approach shows promising results in detecting new unknown attacks. Machine Learning (ML) based approaches have been studied in the past for anomaly-based NIDS. In recent years, Deep Learning (DL) algorithms have been widely utilized for intrusion detection due to their capability to obtain optimal feature representations automatically. Even though DL-based approaches improve the accuracy of detection tremendously, they are prone to adversarial attacks. The attackers can trick the model into wrongly classifying adversarial samples into a particular target class. In this paper, a performance analysis of several ML and DL models is carried out for intrusion detection in both adversarial and non-adversarial environments. The models are trained on the NSL-KDD dataset, which contains a total of 148,517 data points. The robustness of several models against adversarial samples is studied.
A METHOD OF TRUST MANAGEMENT IN WIRELESS SENSOR NETWORKS (ijsptm)
The research problem considered in this paper is how to protect wireless sensor networks (WSN) against cyber-threats by applying trust management, and how to strengthen network resilience to attacks targeting the trust management mechanism itself. A new method, called the WSN Cooperative Trust Management Method (WCT2M), of distributed trust management in multi-layer wireless sensor networks is proposed and its performance is evaluated. The method is specified by giving its class model in UML and by explaining the related attributes and methods. Different attacks against the network and against WCT2M deployed in the network are considered. The experimental evaluation of WCT2M involves laboratory experiments and simulations using a dedicated simulator. The evaluation focuses on the efficiency of detecting and isolating the malicious nodes that implement different attack scenarios in the network, and on the method's sensitivity to changes in the effectiveness of the security mechanisms deployed in the network nodes.
This document summarizes a research paper that proposes a rule-based technique using fuzzy logic to detect security attacks in wireless sensor networks. The paper identifies 10 common security attacks in wireless sensor networks including denial of service, eavesdropping, traffic analysis, etc. A fuzzy rule-based system is developed to calculate the impact of these security attacks. The system uses MATLAB tools and mouse dataset to test performance. Case studies are presented to demonstrate how the system can predict the likelihood and impact of security attacks on a wireless sensor network.
DOMAIN-DRIVEN DESIGN AND SOFT SYSTEMS METHODOLOGY AS A FRAMEWORK TO AVOID SOF... (Panagiotis Papaioannou)
A crisis is considered to be an issue concerning complex systems like societies, organizations or even families. It can be defined as the situation in which the system functions poorly, the causes of the dysfunction are not immediately identified and immediate decisions need to be made.
The type and duration of a crisis may require different kinds of decision making. In a long-term crisis, when system changes may be required, the active participation of the affected people may be more important than the power and dynamics of the leadership. Software crises, in their contemporary form as organizational malfunctions, can still affect the viability of any organization.
In this paper, we highlight the systemic aspects of a crisis, the complexity behind it and the role of systemic methodologies in exploring its root causes and designing effective interventions. Our focus is on modelling as a means to simplify the complexity of the regarded phenomena and to build a knowledge consensus among stakeholders. Domain-Driven Design comes from software as an approach to deal with complex projects. It is based on model exploration in a creative collaboration between domain practitioners and solution providers. SSM is an established methodology for dealing with wicked situations. It incorporates the use of models and, along with Domain-Driven Design and other systemic methodologies, can be employed to develop a common perception of the situation and a common language between interested parties in a crisis situation.
1. The document proposes a threat modeling approach called "randomized seeding attack Model" to prevent attacks that could affect virtual machines in the cloud.
2. The model uses Fibonacci and Lucas number series to represent how attacks could randomly spread from one virtual machine to others in the cloud environment.
3. Key aspects of the model include using random Fibonacci sequences to represent the spreading of attacks, where each new virtual machine affected is represented by the next number in the sequence.
Our Group Profile, including vision, mission, history, values and financial highlights. Find out more about us on our website: http://www.sgs.com/en/Our-Company/About-SGS/SGS-in-Brief.aspx
A mother camel is asked by her baby camel why camels have certain features. She explains that their humps store water, their long legs and rounded feet allow them to walk well in deserts, and their long eyelashes protect their eyes from sand and wind. The baby camel then questions why they are in the zoo if those features are for surviving in deserts. The moral is that skills and abilities are only useful if in the right place.
The student works at Giant in Warminster and plays football and lacrosse at their high school. They have been playing lacrosse since 2nd grade and football since a young age, playing quarterback and safety. They excel in math and accounting and hope to study accounting in college. Their hobbies include skydiving, paintballing, and traveling the world.
Art plays an important role in people's lives according to several perspectives. Some say art aims to represent the inner significance rather than outward appearance of things. Others view art as something that requires hand, head and heart working together, or as something that creates an emotional link between artist and viewer. Art can also make people more thoughtful and well-balanced. It has been described as making something from nothing and selling it, or as being both functional and hopefully beautiful. A man paints with his brains rather than his hands according to Michelangelo.
This presentation highlights several UNESCO World Heritage sites in Romania, including the Moldoviţa Monastery built in 1532, the Voroneţ Monastery known for its unique blue walls, the Câlnic Citadel built in 1270, the town of Horezu popular for its handmade ceramics, and the Danube Delta nature reserve known as the "Paradise of birds". The purpose is to show photos and provide interesting facts about some of Romania's amazing cultural and historical monuments.
A guide to researching WWII military service (txmilmuseum)
This document provides numerous resources for researching a relative's service in World War 2. It outlines documents like the DD214 that contain useful military service information. While many Army records from 1912-1964 were destroyed in a fire, records from other branches may still exist. Sites like the National Archives have draft records, casualty lists, and more. Local historical sources can provide additional context. Photos, letters, uniforms and headstones may supply unit or location details to aid the search. Online forums connect people researching specific units.
The document discusses the definition of an organization and the purpose of forming one, organizational climate, and a supportive organizational culture. In particular, it explains that organizations are formed to achieve shared goals, that organizational climate affects goal attainment, and that a supportive work culture, such as discipline and job satisfaction, can create a conducive working environment.
This document discusses budgets and variance analysis for managing a business. It defines a budget as a financial plan covering income and expenses. Variance analysis is the process of comparing actual budget outcomes to planned figures to identify favorable and unfavorable variances. The document provides examples of calculating variances for income, expenses, and profit budgets and interpreting the variances to understand factors that led to differences from the planned budget.
(Legado 2016) Training in strategic planning, Day 3 (Ink_conteudos)
The document discusses strategic planning and presents the Canvas model. It highlights three strategic focuses: cost/efficiency, customer intimacy, and product/methodology. It also covers goal setting and the Logical Framework as a planning tool.
Victory Over Neck And Back Pain Dr Shriniwas Kashalikar (subodhnagwekar)
This document discusses various holistic approaches to treating neck and back pain, as discovered by Dr. Shriniwas Janardan Kashalikar. It outlines Ayurvedic, allopathic, exercise, dietary, postural, and homeopathic remedies. The key message is that holistic health requires more than just physical well-being, but also acquiring a perspective of global welfare through practices like yoga, meditation, and maintaining an integrated posture.
The COVID-19 pandemic has had a significant impact on the world economy. Many countries experienced sharp falls in GDP and high unemployment rates in 2020. As vaccines are rolled out, economic activity is expected to recover in 2021, although the outlook remains uncertain.
A security decision reaction architecture for heterogeneous distributed network (christophefeltus)
This document proposes a multi-agent system architecture for reacting to security alerts in heterogeneous distributed networks. The architecture has three layers - low, intermediate, and high - and consists of agents that perform alert correlation, reaction decision making, and policy deployment. The agents communicate by exchanging messages. The architecture is intended to allow for quick and efficient reaction to security attacks while ensuring coordinated configuration changes across network components. It was developed and illustrated using a case study of a medical application distributed across buildings, campuses, and metropolitan areas.
This document proposes a multi-agent architecture for incident reaction in information system security. The architecture has three layers - low level interacts directly with the infrastructure, intermediate level correlates alerts and deploys reaction actions using multi-agent systems, and high level provides supervision and manages business policies. The architecture was tested for data access control and aims to quickly and efficiently react to attacks while ensuring policy compliance. The document discusses requirements like scalability, autonomy, and global supervision. It also describes the key components of alert management, reaction decision making, and policy definition/deployment to implement the architecture using a multi-agent approach.
Multi agents based architecture for IS security incident reaction (christophefeltus)
This document proposes a multi-agent architecture for responding to security incidents in information systems. The architecture has three layers: a low level that interfaces with the targeted infrastructure, an intermediate level that correlates alerts and deploys response actions using multi-agent systems, and a high level that provides supervision and manages business policies. The architecture was designed based on requirements like scalability, availability, autonomy, and global supervision. It aims to quickly and efficiently respond to attacks while ensuring responses do not violate business policies. The document then discusses using a multi-agent system with JADE to represent nodes in the architecture and facilitate communication and coordination between components for selecting and deploying response policies.
The document proposes a conceptual trusted incident reaction architecture based on a multi-agent system. The architecture includes three main components: (1) an alert correlation engine that collects and analyzes alerts, (2) a policy instantiation engine that decides on and defines reactions to confirmed alerts, and (3) a policy deployment point that deploys new policies on targeted networks. A decision support system is included to help agents make decisions under uncertainty using an ontology, Bayesian networks, and influence diagrams. The architecture is illustrated using a case study of a medical application network.
This document proposes a conceptual trusted incident reaction architecture based on a multi-agent system. The architecture is designed to dynamically and flexibly react to security incidents across an enterprise network. It incorporates the concept of trust into the decision-making process for determining and deploying appropriate security responses. The architecture is illustrated using a case study of a medical application distributed across buildings, a campus, and metropolitan area networks.
A predictive framework for cyber security analytics using attack graphs (IJCNCJournal)
Security metrics serve as a powerful tool for organizations to understand the effectiveness of protecting computer networks. However, the majority of these measurement techniques don't adequately help corporations to make informed risk management decisions. In this paper we present a stochastic security framework for obtaining quantitative measures of security by taking into account the dynamic attributes associated with vulnerabilities that can change over time. Our model is novel, as existing research in attack graph analysis does not consider the temporal aspects associated with the vulnerabilities, such as the availability of exploits and patches, which can affect the overall network security based on how the vulnerabilities are interconnected and leveraged to compromise the system. In order to have a more realistic representation of how the security state of the network would vary over time, a nonhomogeneous model is developed which incorporates a time-dependent covariate, namely the vulnerability age. The daily transition-probability matrices are estimated using Frei's Vulnerability Lifecycle model. We also leverage the trusted CVSS metric domain to analyze how the total exploitability and impact measures evolve over a time period for a given network.
In what ways do you think the Elaboration Likelihood Model applies.docx (jaggernaoma)
This document summarizes common vulnerabilities observed in critical infrastructure control systems based on vulnerability assessments conducted by Sandia National Laboratories. It finds that most vulnerabilities stem from a lack of proper security administration, including failing to define security classifications for system data, establish security perimeters, implement defense-in-depth protections, and restrict access based on operational needs. Many vulnerabilities result from deficient or nonexistent security governance, budget constraints, personnel attrition, and a lack of security training for automation administrators. Comprehensive mitigation requires improved security awareness, strong governance, and configuration of technology to remedy vulnerabilities.
This document discusses the potential for using intelligent agent technology for network control and management. It notes that as networks become more complex and diverse, distributed autonomous control will become more necessary. Agent technology is proposed as a way to achieve more effective, robust and autonomous network control. The document provides an overview of current network trends driving interest in agent solutions and highlights some key areas like multi-provider environments, resource management and communications integration that could benefit from agent-based approaches.
A DEFENSIVE MECHANISM CROSS LAYER ARCHITECTURE FOR MANETS TO IDENTIFY AND COR... (IJNSA Journal)
The document proposes a defensive cross-layer architecture for MANETs to identify and correct misbehavior in routing. The architecture has four levels: 1) Network topological level outlines basic node connections; 2) Routing level applies security to routing protocols and individual nodes, using a new Time On Demand Distance Vector (TODV) routing; 3) Detection level encrypts packets and uses acknowledgements to detect tampering; 4) Correction level calculates packet loss ratios to identify alternative routes when attacks are detected. The architecture aims to provide end-to-end security across three layers while maintaining network performance.
This document discusses improving the security of a health care information system. It begins by describing vulnerabilities in software applications and how connected systems can be exploited. The document then proposes a 3-tier architecture with encryption and file replication to strengthen security. Database backups and regular vulnerability checks are also recommended to defend the system from attacks and allow recovery of data. The goal is to develop a secure electronic health records system that protects sensitive patient information.
Intrusion detection system for imbalance ratio class using weighted XGBoost c... (TELKOMNIKA JOURNAL)
This document summarizes a study that proposed an intrusion detection system to address the issue of imbalanced data ratios in classification models. The study used the XGBoost classifier with a weighted approach based on the imbalance ratio of each class to improve detection performance for minority and infrequent attack types in network traffic data. The proposed system was evaluated on the BotIoT dataset and showed improved detection rates compared to other methods, particularly for underrepresented attack classes. Experimental results demonstrated that the weighted XGBoost approach effectively handled class imbalance issues.
Application of Attack Graphs in Intrusion Detection Systems: An Implementation (CSCJournals)
This document discusses integrating attack graphs with intrusion detection systems to help identify complex multi-stage attacks. It proposes an architecture where an intrusion detection system detects alerts and stores them in a database. A vulnerability scanner identifies vulnerabilities, and an attack graph generator uses the alerts and vulnerabilities to generate and update an attack graph. A tool then analyzes the alerts and attack graph to highlight detected intrusions on the graph. The goal is to help administrators better understand the progression of attacks by visualizing how alerts may be related across different stages of an attack. As a proof of concept, the paper implements this using SNORT for intrusion detection, NESSUS for vulnerability scanning, and MULVAL for attack graph generation.
This document discusses 6 different thesis abstracts on topics related to IT security:
1) The design and implementation of an environment to support security assessment method development. This includes a database solution to assist developers.
2) A risk analysis of an RFID system used for logistics that identifies vehicles. The analysis examines the RFID communication and database transmission security and risks.
3) Key topics for a database security course, including technologies, access control, vulnerabilities, privacy, and secure database models.
4) A case-based reasoning approach to understand constraints in information models written in EXPRESS, representing constraints at a higher level of abstraction.
5) The benefits of a consolidated network security solution over point
This document discusses information security in organizations. It covers several key topics:
- The importance of information security policies and ensuring all employees are trained on these policies.
- The benefits of network security such as controlling access, ensuring confidentiality and integrity of data.
- Common network and system security threats like eavesdropping, phishing, and denial of service attacks.
- The responsibilities of database administrators to securely manage and protect organizational data.
This document discusses information security in organizations. It covers several key topics:
- The importance of information security and how it protects organizations' data, systems, and value.
- The need for organizations to have security policies and provide training to ensure all personnel understand and follow security protocols.
- Various types of network and system security threats like viruses, worms, and denial of service attacks that organizations need protections from.
- The roles and responsibilities of security positions like database administrators to properly manage and secure organizations' critical data and systems.
This document summarizes the internship work conducted by Marta de la Cruz Martos at CITSEM within the GRyS group. The internship focused on developing algorithms to analyze energy consumption for smart grids as part of the I3RES project, which aims to integrate renewable energy sources into distributed networks using artificial intelligence. Specifically, the internship involved studying relevant technologies, participating in software component design, developing and implementing algorithms, and preparing reports. The document provides background on distributed systems and databases, describes the work conducted, and presents results and conclusions.
Privacy Protection in Distributed Industrial System (iosrjce)
IOSR Journal of Computer Engineering (IOSR-JCE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of computer engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in computer technology. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
This document summarizes a research paper about ensuring privacy protection in distributed industrial systems. It begins with an abstract that discusses how traditional cybersecurity approaches may not be effective for industrial networks due to their unique characteristics. It then provides background on industrial automation control systems and typical network configurations. The main goal of the paper is to assess the current security situation for most industrial distributed systems and discuss key elements like system characteristics, standardization efforts, and effective security controls.
Similar to A multi agent based decision mechanism for incident reaction in telecommunication network (20)
Multi-Agent System (MAS) monitoring solutions are designed for a plethora of usage topics. Existing approach mostly used cloned back-end architectures while front-end monitoring interface tends to constitute the real specificity of the solution. These interfaces are recurrently structured around three dimensions: access to informed knowledge, agent’s behavioural rules, and restitution of real-time states of specific system sector. In this paper, we propose prototyping a sector-agnostic MAS platform (Smart-X) which gathers in an integrated and independent platform all the functionalities required to monitor and to govern a wide range of sector specific environments. For illustration and validation purposes, the use of Smart-X is introduced and explained with a smart-mobility case study.
This document provides an agenda and overview for a joint workshop on security modeling hosted by the ArchiMate Forum and Security Forum. The workshop aims to identify opportunities to improve the conceptual and visual modeling of enterprise information security using TOGAF and ArchiMate. The agenda includes introductions, a research spotlight on strengthening role-based access control with responsibility modeling, an open discussion on complementing TOGAF and ArchiMate with enhanced security modeling, and identifying next steps. The workshop purpose is to enable better security architecture decisions and drive usage of TOGAF and ArchiMate for security architecture.
Aligning the business operations with the appropriate IT infrastructure is a challenging and critical activity. Without efficient business/IT alignment, the companies face the risk not to be able to deliver their business services satisfactorily and that their image is seriously altered and jeopardized. Among the many challenges of business/IT alignment is the access rights management which should be conducted considering the rising governance needs, such as taking into account the business actors' responsibility. Unfortunately, in this domain, we have observed that no solution, model and method, fully considers and integrates the new needs yet. Therefore, the paper proposes firstly to define an expressive Responsibility metamodel, named ReMMo, which allows representing the existing responsibilities at the business layer and, thereby, allows engineering the access rights required to perform these responsibilities, at the application layer. Secondly, the Responsibility metamodel has been integrated with ArchiMate® to enhance its usability and benefits from the enterprise architecture formalism. Finally, a method has been proposed to define the access rights more accurately, considering the alignment of ReMMo and RBAC. The research was realized following a design science and action design based research method and the results have been evaluated through an extended case study at the Hospital Center in Luxembourg.
This document proposes an innovative systemic approach to risk management across interconnected sectors. It suggests using enterprise architecture models to manage cross-sector risks in Luxembourg's complex ICT ecosystem. The approach would provide regulators an overview of all players and systems, as well as models of different sectors to analyze collected data and risks at a national level, fostering accurate and reactive risk mitigation across economic domains.
This document proposes extending the HL7 standard with a responsibility perspective to better manage access rights to patient health records. It presents the ReMMo responsibility metamodel, which defines actors' responsibilities and associated access rights. The paper aims to align ReMMo with the HL7-based eSanté healthcare platform model in Luxembourg to semantically enhance access controls based on users' real responsibilities rather than just roles. It will first map concepts between the two models, then evaluate the alignment through a prototype applying inference rules.
This document presents a study that aims to develop and validate a responsibility model to improve IT governance. It analyzes concepts of responsibility from literature and frameworks like COBIT. The researchers developed a responsibility model with key concepts like obligation, accountability, right, and commitment. They then compare this model to COBIT's representation of responsibility to identify areas for potential enhancement, like adding concepts that COBIT lacks. The document illustrates how the responsibility model could be used to refine COBIT's process for identifying system owners and their responsibilities.
This document proposes an innovative approach called SIM (Secure Identity Management) that aims to make access management policies closer aligned with business objectives. It does this in two ways:
1) By focusing the policy engineering process on business goals and responsibilities defined in processes, using concepts from the ISO/IEC 15504 standard. This links capabilities and accountabilities to process outcomes and work products.
2) By defining a multi-agent system architecture to automate the deployment of policies across heterogeneous IT components and devices. The agents provide autonomy and ability to adapt rapidly according to context.
The approach was prototyped using open source components and aims to improve how access rights are defined according to business needs and deployed across an organization
This document proposes a methodological approach for specifying services and analyzing service compliance considering the responsibility dimension of stakeholders. The approach includes a product model and process model. The product model has three layers: an informational layer describing service context and concepts, an organizational layer describing business rules and roles, and a responsibility dimension layer linking the two. The process model outlines steps for service architects to identify context, define concepts and rules, specify services, and analyze compliance. The approach is illustrated with an example of managing access rights for sensitive healthcare data exchange between organizations.
This document discusses integrating responsibility aspects into service engineering for e-government. It proposes a multi-layered approach including an ontological layer defining legal concepts, an organizational layer describing roles and stakeholders, an informational layer representing data structures and integrity constraints, and a technical layer representing IT components. A responsibility meta-model is also introduced to align responsibilities across these layers and facilitate interoperability between services that share data. The approach aims to ensure service compliance and manage risks associated with e-government services.
1) The document proposes a dynamic approach for assigning functions and responsibilities to agents in a multi-agent system for critical infrastructure management.
2) The approach uses an agent's reputation, which is based on past performance, to determine which agents receive which responsibilities as crisis situations change over time.
3) Assigning responsibilities dynamically based on reputation allows the system to continue operating effectively if an agent becomes isolated or has reduced capabilities during a crisis.
This document proposes a responsibility modeling language (ReMoLa) to align access rights with business process requirements. ReMoLa is a responsibility-centered meta-model that integrates concepts from the business and technical layers, with the concept of employee responsibility bridging the two. It incorporates four types of obligations from the COBIT framework to refine employee responsibilities and better assign access rights. ReMoLa maps responsibilities to roles in the RBAC model to leverage its advantages for access right management while ensuring responsibilities align with business tasks and employee commitment.
The document describes the NOEMI assessment methodology, which was developed as part of a research project to help very small enterprises (VSEs) improve their IT practices. The methodology aims to assess VSEs' IT capabilities in order to facilitate collaborative IT management across organizations. It was designed to be aligned with common IT standards like ISO/IEC 15504 and ITIL, but adapted specifically for VSEs. The methodology has been tested through several case studies with VSEs in Luxembourg, with promising results.
This document provides a preliminary literature review of policy engineering methods related to the concept of responsibility. It summarizes key access control models and discusses how they address concepts like capability, accountability, and commitment. The document also reviews engineering methods and how they incorporate responsibility considerations. The overall goal is to orient further research towards a new policy model and engineering method that more fully addresses stakeholder responsibility.
This document proposes an extension of the ArchiMate enterprise architecture framework to model multi-agent systems for critical infrastructure governance. The authors develop a responsibility-driven policy concept and metamodel layers to represent agent behavior and organizational policies across technical, application, and organizational layers. The approach is illustrated through a case study of a financial transaction processing system.
This document summarizes an experimental prototype of the OpenSST protocol for secured electronic transactions. OpenSST was developed to achieve high security, simplicity in software engineering, and compatibility with existing standards. The prototype uses OpenSST for the authorization portion of electronic payments in an e-business clearing solution. It describes the OpenSST message format and types, and discusses how OpenSST is implemented in the prototype's three-element architecture of an OpenSST proxy, reverse proxy, and server.
This document proposes an automatic reaction strategy for critical infrastructure SCADA systems. It defines a three-layer metamodel for modeling SCADA components and two types of policies (cognitive and permissive) that govern component behavior. It then presents a two-phase method for identifying these policies from the SCADA architecture and formalizing them to support an automatic reaction strategy. This strategy is modeled as an integral part of the SCADA architecture using the defined metamodel and policy identification method. It includes organizational and application layers with main actors, strategies, and components that realize the reaction policies based on expected automation levels.
More from Luxembourg Institute of Science and Technology (20)
Transmission Spectroscopy of the Habitable Zone Exoplanet LHS 1140 b with JWS...Sérgio Sacani
LHS 1140 b is the second-closest temperate transiting planet to the Earth with an equilibrium temperature low enough to support surface liquid water. At 1.730±0.025 R⊕, LHS 1140 b falls within
the radius valley separating H2-rich mini-Neptunes from rocky super-Earths. Recent mass and radius
revisions indicate a bulk density significantly lower than expected for an Earth-like rocky interior,
suggesting that LHS 1140 b could either be a mini-Neptune with a small envelope of hydrogen (∼0.1%
by mass) or a water world (9–19% water by mass). Atmospheric characterization through transmission
spectroscopy can readily discern between these two scenarios. Here, we present two JWST/NIRISS
transit observations of LHS 1140 b, one of which captures a serendipitous transit of LHS 1140 c. The
combined transmission spectrum of LHS 1140 b shows a telltale spectral signature of unocculted faculae (5.8 σ), covering ∼20% of the visible stellar surface. Besides faculae, our spectral retrieval analysis
reveals tentative evidence of residual spectral features, best-fit by Rayleigh scattering from an N2-
dominated atmosphere (2.3 σ), irrespective of the consideration of atmospheric hazes. We also show
through Global Climate Models (GCM) that H2-rich atmospheres of various compositions (100×, 300×,
1000×solar metallicity) are ruled out to >10 σ. The GCM calculations predict that water clouds form
below the transit photosphere, limiting their impact on transmission data. Our observations suggest
that LHS 1140 b is either airless or, more likely, surrounded by an atmosphere with a high mean molecular weight. Our tentative evidence of an N2-rich atmosphere provides strong motivation for future
transmission spectroscopy observations of LHS 1140 b.
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
just download it to see!
Deploying DAPHNE Computational Intelligence on EuroHPC Vega for Benchmarking ...University of Maribor
Slides from talk:
Aleš Zamuda, Mark Dokter:
Deploying DAPHNE Computational Intelligence on EuroHPC Vega for Benchmarking Randomised Optimisation Algorithms.
2024 International Conference on Broadband Communications for Next Generation Networks and Multimedia Applications (CoBCom), 9--11 July 2024, Graz, Austria
https://www.cobcom.tugraz.at/
A slightly oblate dark matter halo revealed by a retrograde precessing Galact...Sérgio Sacani
The shape of the dark matter (DM) halo is key to understanding the
hierarchical formation of the Galaxy. Despite extensive eforts in recent
decades, however, its shape remains a matter of debate, with suggestions
ranging from strongly oblate to prolate. Here, we present a new constraint
on its present shape by directly measuring the evolution of the Galactic
disk warp with time, as traced by accurate distance estimates and precise
age determinations for about 2,600 classical Cepheids. We show that the
Galactic warp is mildly precessing in a retrograde direction at a rate of
ω = −2.1 ± 0.5 (statistical) ± 0.6 (systematic) km s−1 kpc−1 for the outer disk
over the Galactocentric radius [7.5, 25] kpc, decreasing with radius. This
constrains the shape of the DM halo to be slightly oblate with a fattening
(minor axis to major axis ratio) in the range 0.84 ≤ qΦ ≤ 0.96. Given the
young nature of the disk warp traced by Cepheids (less than 200 Myr), our
approach directly measures the shape of the present-day DM halo. This
measurement, combined with other measurements from older tracers,
could provide vital constraints on the evolution of the DM halo and the
assembly history of the Galaxy.
Probing the northern Kaapvaal craton root with mantle-derived xenocrysts from...James AH Campbell
"Probing the northern Kaapvaal craton root with mantle-derived xenocrysts from the Marsfontein orangeite diatreme, South Africa".
N.S. Ngwenya, S. Tappe, K.A. Smart, D.C. Hezel, J.A.H. Campbell, K.S. Viljoen
Lunar Mobility Drivers and Needs - ArtemisSérgio Sacani
NASA’s new campaign of lunar exploration will see astronauts visiting sites of scientific or strategic
interest across the lunar surface, with a particular focus on the lunar South Pole region.[1] After landing
crew and cargo at these destinations, local mobility around landing sites will be key to movement of
cargo, logistics, science payloads, and more to maximize exploration returns.
NASA’s Moon to Mars Architecture Definition Document (ADD)[2] articulates the work needed to achieve
the agency’s human lunar exploration objectives by decomposing needs into use cases and functions.
Ongoing analysis of lunar exploration needs reveals demands that will drive future concepts and elements.
Recent analysis of integrated surface operations has shown that the transportation of cargo on the
surface from points of delivery to points of use will be particularly important. Exploration systems will
often need to support deployment of cargo in close proximity to other surface infrastructure. This cargo
can range from the crew logistics and consumables described in the 2023 “Lunar Logistics Drivers and
Needs” white paper,[3] to science and technology demonstrations, to large-scale infrastructure that
requires precision relocation.
Ethical considerations play a crucial role in research, ensuring the protection of participants and the integrity of the study. Here are some subject-specific ethical issues that researchers need
Properties of virus(Ultrastructure and types of virus)
A multi agent based decision mechanism for incident reaction in telecommunication network
A Multi-Agent based Decision Mechanism for
Incident Reaction in Telecommunication Network
Cédric Bonhomme, Christophe Feltus and Djamel Khadraoui
Centre for IT Innovation
Public Research Centre Henri Tudor
29, Avenue John F. Kennedy, L-1855 Luxembourg
Email: cedric.bonhomme@tudor.lu
Abstract—The main objective of this paper is to provide a global architectural and decision support solution built on the requirements for a reaction-after-alert-detection mechanism in the frame of information systems security, and more particularly applied to the security of telecom infrastructures. These infrastructures are distributed in nature; therefore the targeted architecture is developed from a distributed perspective and is composed of three basic layers: low level, intermediate level and high level. The low level constitutes the interface between the main architecture and the targeted infrastructure. The intermediate level is responsible for correlating the alerts coming from different domains of the infrastructure and for smartly deploying the reaction actions. The architecture is elaborated using a multi-agent system, which provides the advantages of autonomy and interaction facilities, and has been associated with the OntoBayes model as the decision support mechanism. This model helps agents make decisions according to preference values and is built upon ontology-based knowledge sharing, Bayesian-network-based uncertainty management and influence-diagram-based decision support. The major novelty of this Decision Support System is the layered view of the infrastructure provided by the MAS architecture, which enables decision making with different levels of knowledge. The proposed approach has been successfully experimented on a data access control mechanism.
Index Terms—security; decision system; reaction; distributed network; Bayesian network; multi-agent system.
I. INTRODUCTION
Today, information systems and mobile computing networks are more widely spread and mainly heterogeneous. This basically involves more complexity through their openness, their interconnection and their ability to make decisions [9]. Consequently, this has a dramatic drawback regarding threats that could occur on such networks via dangerous attacks (e.g. the introduction of malicious code or an evil-minded modification of the DNS configuration file) [26]. This continuously growing amount of malicious acts encompasses new and ever more sophisticated attack techniques, which are actually exposing operators as well as end users.
The state of the art in terms of security reaction is limited to products that detect attacks and correlate them with a vulnerability database, but none of these products is built to ensure a proper reaction to attacks in order to avoid their propagation and/or to help an administrator deploy the appropriate reactions [19], [23]. In the same way, [22] says that at the individual host level, intrusion response often includes security policy reconfiguration to reduce the risk of further penetrations, but does not propose another solution in terms of automatic response and reaction. This is the case with Cisco-based IDS equipment, which provides mechanisms to select and implement reaction decisions.
Information security management and communication systems are currently facing many challenges [12], due to the fact that it is very often difficult to establish central or local permanent decision capabilities, to have the necessary level of information, to quickly collect the information, which is critical in case of an attack on a critical system node, or to launch automated countermeasures to quickly block a detected attack.
Based on these statements, it appears crucial to elaborate a strategy of reaction after detection against these attacks. Our previous work around that topic has provided first results regarding that finding and has been partly presented in [12] and [15]. These papers proposed an architecture to highlight the concepts aiming at fulfilling the mission of optimizing the security and protection of communication and information systems, whose purpose was to achieve the following:
• Reacting quickly and efficiently to any simple attack but also to any complex and distributed one;
• Ensuring homogeneous and smart communication system configuration, since configurations are commonly considered the main sources of vulnerabilities.
One of the main aspects of the reaction strategy consists of automating and adapting policies when an attack occurs. In the scientific literature a large number of definitions for policy and conceptual models exist. The most famous are Ponder [10], the Policy Description Language [5] and the Security Policy Language [2]. For the purpose of this paper, we prefer the one provided in [10]: policies are rules that govern the behavior of a system.
The provided policy adaptation is considered as a regulation process. The main steps of the policy regulation are described in Figure 1, which shows the process that takes the business rules as input and maps them onto technical policies. These technical policies are deployed and instantiated on the infrastructure in order to reach a new state of temporary network security stability adapted to the ongoing attack. This policy regulation is thereafter achieved by modifying or adding policy rules to reach a new standing policy (at least up to the next network disruption) based on the observation of the system's current situation.
In this paper, we focus our work on policy deployment and on policy modification decision-reaction challenges, as highlighted in the rounded rectangle of Figure 1. This twofold challenge has already been addressed by other research such as [28]. Torrellas explains that facilitating timely decision-making may achieve much greater productivity benefits by engineering network security systems using multi-agents. In [30], Yu developed the concept of tele-service and proposed an implementation of an e-maintenance platform based on a Multi-Agent System (MAS). Yu explained how a Case-Based Reasoning [1] method may be used to improve the autonomous decision-making ability. Other works propose rather similar solutions, like [21], [8], but none is explicitly dedicated to the management of security alert reaction in the field of open networks.
Consequently, the paper proposes a system that combines a reaction mechanism with decision support. Such a problem had never been addressed before the recently emerging agent-based applications for reaction-after-detection infrastructures, as presented in [16].
Fig. 1: Policy regulation
The next section introduces the MAS architecture. Section 3 exposes the decision support system as well as its combination with the MAS, and the last section concludes the paper.
II. MULTI-AGENT SYSTEM ARCHITECTURE
A MAS is composed of several agents capable of mutual interaction. The interaction can take the form of message passing or of producing changes in their common environment. Agents are pro-actively, reactively and socially autonomous entities able to exhibit organized activity, in order to meet their design objectives, by eventually interacting with users. An agent is collaborative by being able to commit itself to a society and/or to another agent.
An agent encapsulates a state and a behavior and moreover provides a number of facilities such as: control of its behavior, the ability to decide even if external events influence its decision, and the possibility to exert its control in various manners (reactively, directed by goals, socially). Moreover, a MAS has several control flows, while a system of objects has a priori only one control flow.
The agents also have global behaviors within the MAS, such as cooperation (agents share the same goal), collaboration (agents intermittently share the same goal) or competition (incompatible goals between agents).
To manage several different systems, differing by their location, their business domain or their organization type, a distributed system is appropriate. Furthermore, a distributed solution brings some autonomy to the managed systems. Robustness, survivability and availability are also impacted.
Fig. 2: Reaction architecture overview
The distributed architecture introduced in this paper is composed of several components, called “operators”, which have different responsibilities. Those operators are organized in two dimensions, as presented in Figure 2.
The vertical dimension, structured in layers relative to the managed network organization, adds abstraction going upward. Indeed, the lowest layer is close to the managed system and is thus the interface between the targeted network and the management system. The highest layer exposes a global view of the whole system and is able to take some decisions based on a more complete knowledge of the system, business and organization. Intermediate levels (1 to n-1) guarantee flexibility and scalability to the architecture in order to take into account the management constraints of the targeted infrastructure. Those middleware levels are optional but allow the system to be better adapted to the complexity of a given organization and the size of the information system.
The horizontal dimension, containing three basic components, is presented in Figure 2 and its three main phases are described below:
1) Alert: Collect, normalize, correlate and analyze the alerts coming from the managed networks that represent an intrusion or an attack. If the alert is confirmed and coherent, it is forwarded to the reaction decision component (Alert Correlation Engine, ACE).
2) Reaction Decision: Receive confirmed alerts for which a reaction is expected. Considering the knowledge of the policy, the systems' organization and the specified behavior, this component decides whether a reaction is needed or not and defines the reaction, if there is any. The reaction will consist of modification(s), addition(s) or removal(s) of current policy rules (Policy Instantiation Engine, PIE).
3) Reaction: Instantiation and deployment of the new policies on the targeted networks. The deployment (Policy Deployment Point, PDP) and enforcement (Policy Enforcement Point, PEP) of these new policies lead to a new security state of the network.
Fig. 3: The three basic components
An issue is raised considering which layer is allowed to take a reaction decision: only one layer, two, several, or all? If more than one layer can trigger a reaction on the same object(s), there will be a conflict. Thus, the system should be able to provide mechanisms to solve conflicts between several selected reactions. Another issue concerns the agreement: at which level should it be asked for? A solution could be to ask at the same level (or at an upper one) as the one at which the reaction decision is made; this should be specified by the user. A possible solution is a distributed, vertically layered and hierarchical architecture. The number of layers could be adapted according to the managed system's organization. In our case, three layers are sufficient (local, intermediate and global). The reaction system is composed of three main parts: the alert management part, the reaction part and the policy definition-deployment part. Three trees (alert, reaction and policy) could be placed side by side, as presented in Figure 2. These trees are alike but their operators have different functions. The alert tree collects the alerts with the local operators and correlates them in several steps, one step per layer. A certain response time is used by the system from intrusion detection to reaction application. This time increases if the reaction process is propagated to upper layers, as presented in Figure 4. The global goal is of course to shorten it.
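The following is an added example, not code from the paper or its prototype, that simulates the three horizontal components above (ACE, PIE and PDP/PEP) running on top of a layered operator hierarchy, together with one possible answer to the conflict issue just raised: when two layers decide a reaction on the same object, the decision of the most global layer wins. It also shows the policy regulation idea of Figure 1 in miniature, a business rule ("block brute-force sources") being mapped onto a technical rule handed to a PEP. The alerts, signatures, correlation threshold, business rules and device names are all constructed for illustration; the paper does not specify any of them.

```python
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Alert:
    source_ip: str
    target: str      # managed object under attack; here also the PEP name
    signature: str
    layer: int       # 0 = local operator, larger = more global view


@dataclass(frozen=True)
class PolicyRule:
    action: str      # "add" or "remove" of a concrete rule ("modify" not modeled)
    rule: str        # concrete rule handed to the PEP
    target: str      # object the rule acts on
    layer: int       # layer whose PIE took the decision


class AlertCorrelationEngine:
    """ACE: each layer correlates its own view; an alert is confirmed once the
    same (layer, source, target, signature) has been seen `threshold` times.
    The counting rule is a constructed stand-in for real correlation."""

    def __init__(self, threshold=3):
        self.threshold = threshold
        self.seen = Counter()

    def correlate(self, alerts):
        confirmed = []
        for a in alerts:
            key = (a.layer, a.source_ip, a.target, a.signature)
            self.seen[key] += 1
            if self.seen[key] == self.threshold:   # confirm exactly once
                confirmed.append(a)
        return confirmed


class PolicyInstantiationEngine:
    """PIE: decides whether a reaction is needed and maps the business rule
    onto a technical policy rule (constructed business rules)."""

    BUSINESS_RULES = {"ssh-bruteforce": "add",   # block the attacker
                      "port-scan": None}          # monitoring only

    def decide(self, alert):
        action = self.BUSINESS_RULES.get(alert.signature)
        if action is None:
            return None
        if alert.layer == 0:       # local view: block the single host
            rule = f"deny ip {alert.source_ip} -> {alert.target}"
        else:                      # global view: block the whole /24
            net = ".".join(alert.source_ip.split(".")[:3]) + ".0/24"
            rule = f"deny net {net} -> {alert.target}"
        return PolicyRule(action, rule, alert.target, alert.layer)


def resolve_conflicts(rules):
    """Several layers may react on the same object; keep the decision of the
    most global layer (one possible conflict-resolution strategy)."""
    best = {}
    for r in rules:
        if r.target not in best or r.layer > best[r.target].layer:
            best[r.target] = r
    return sorted(best.values(), key=lambda r: r.target)


class PolicyEnforcementPoint:
    """PEP: a firewall-like device holding concrete rules."""

    def __init__(self, name):
        self.name = name
        self.rules = []

    def enforce(self, pr):
        if pr.action == "add" and pr.rule not in self.rules:
            self.rules.append(pr.rule)
        elif pr.action == "remove" and pr.rule in self.rules:
            self.rules.remove(pr.rule)


class PolicyDeploymentPoint:
    """PDP: deploys instantiated rules on the PEP named by the rule target."""

    def __init__(self, peps):
        self.peps = {p.name: p for p in peps}

    def deploy(self, rules):
        for pr in rules:
            self.peps[pr.target].enforce(pr)
        return {name: list(p.rules) for name, p in self.peps.items()}


def run_reaction(alerts, peps):
    """Full horizontal chain: Alert -> Reaction Decision -> Reaction."""
    ace, pie = AlertCorrelationEngine(), PolicyInstantiationEngine()
    decided = [d for d in map(pie.decide, ace.correlate(alerts)) if d]
    return PolicyDeploymentPoint(peps).deploy(resolve_conflicts(decided))


# Constructed alerts: the local and the global operator both see three SSH
# brute-force hits on the DB firewall; a port scan is confirmed but needs
# no reaction.
SAMPLE_ALERTS = (
    [Alert("10.0.0.5", "db-fw", "ssh-bruteforce", 0)] * 3
    + [Alert("10.0.0.5", "db-fw", "ssh-bruteforce", 2)] * 3
    + [Alert("10.0.9.9", "web-fw", "port-scan", 0)] * 3
)

if __name__ == "__main__":
    peps = [PolicyEnforcementPoint("db-fw"), PolicyEnforcementPoint("web-fw")]
    print(run_reaction(SAMPLE_ALERTS, peps))
```

Running the sample leaves a single rule on `db-fw`, the /24 block decided by the global layer, because the local layer's host-level rule for the same object was discarded by `resolve_conflicts`; the port scan was confirmed by the ACE but produced no policy change. Whether "most global wins" is the right strategy is exactly the user-specified agreement question the paper leaves open.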
The next step of our research development is firstly the definition of a reaction engine that encompasses both the architecture components and the communication engine between these components. This engine is based on a message format and on a message exchange protocol based on standards such as [11]. Secondly, real cases are studied in order to experiment with the architecture and its associated protocol.
The message format is defined in XML and is structured around a number of attributes that specify the message source, the message destination and the message type (alert, reaction, policy request, policy modification, policy modification validation, decision and synchronization). The protocol defines the exchange format and the workflow of messages between the architecture components. It encompasses a set of rules governing the syntax, semantics and synchronization of communication. The technical requirements request that the operator structure be flexible in order to be able to reorganize itself if an operator fails or disappears. Each operator also has to be autonomous in order to permit reorganization. Given these requirements, the use of a MAS appears as a solution to provide autonomy, flexibility and decision mechanisms to each operator, which are consequently represented by agents.
Fig. 4: Response time
As studied in the state of the art presented in [14], a
set of agents can be managed and controlled through an
organization. An organization is a set of agents playing roles,
gathered in a normative structure and expected to achieve
some global and local objectives. Several models, like the roles
model, the tasks model, the interaction model or the norms
model, specify an organization.
In our context we need an interaction definition in order to
specify communication protocols between the agents representing
operators. We also need roles in order to specify which agent
has to communicate or act in order to detect intrusions and
then react. Based on these needs, the use of an electronic
institution based on agents is one of the possibilities that we
will investigate.
The main goal of the reaction policy enforcement engine
is to apply policies, in terms of specific concrete rules, on
"technical" devices (firewall, file server and other systems,
named PEPs). For that, we need means to make the ACE, PIE,
PDP and PEP interact and collaborate.
The multi-agent systems concept already defines architectures
and models for the organization and interaction of autonomous
agents. Existing platforms like JADE (Java Agent DEvelopment
framework) [4], [3] implement agent concepts as well as their
ability to communicate by exchanging messages, so the integration
of the reaction components can be simplified. This is the
solution detailed hereafter. The Foundation for Intelligent
Physical Agents (FIPA) [13] promotes the success of emerging
agent-based applications, services and equipment by making
available internationally agreed specifications that maximize
interoperability across them. This is realized through open
international collaboration of member organizations, which are
companies and universities active in the agent field. FIPA's
specifications are publicly available. They are not technologies
for a specific application but generic technologies for different
application areas, and not just independent technologies but a
set of basic technologies that developers can integrate to build
complex systems with a high degree of interoperability.
The multi-agent framework used is JADE. We base ourselves on
the survey made in [6] to argue that this agent platform meets
the expectations in terms of agent functionalities, security,
performance, standardization, and secure communication between
agents.
Figure 5 introduces the developed architecture. The flow
is supposed to begin with an alert detected by the IDS
positioned on a network component. This alert is sent to
the ACE agent (or to the LAN ACE if it concerns a precise Local
Area Network). This ACE agent confirms or rejects the alert to
the PIE; the decision to confirm the alert is explained in
section 3. Afterwards, the PIE decides either to apply new
policies or to forward the alert to an ACE from a higher layer
(upper ACE). The PIE agent sends the policies to the PDP agent,
which decides which PEP is able to implement them in terms of
rules or scripts on devices (firewall, file server, etc.). Then
the PDP agent sends the new policy to the concerned PEP agent,
which knows how to transform a policy into a rule or script
understandable by the associated device (for example a file
server).
On Figure 5, dash-dot lines stand for flows of messages carrying
an alert or an alert confirmation. Full lines stand for flows of
messages containing policy information, and dotted lines are
reserved for decision support mechanisms.
Fig. 5: Multi-Agent System reaction architecture
A closer analysis of the PDP shows that it is composed of
several modules. From the multi-agent system point of view, the
Component Configuration Mapper results from the interaction
between the PDP agent and the Facilitator agent, while the
Policy Analysis module is realized by the PDP agent. The
Facilitator manages the network topology by retrieving PEP
agents according to their location (devices registered with an
IP address or a MAC address) or according to the actions they
can apply and their type (firewall, file server, etc.). For that
the Facilitator uses white pages and yellow pages services, and
the JADE platform already provides implementations of the
facilitator and searching services. Besides, the use of a
multi-agent system as the framework provides flexibility and
openness: when we decide to add a new PEP, we just have to
provide its PEP agent with the ability to concretely apply the
policies; the agent registers itself through the Facilitator,
which updates the databases.
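The following is an added example (not the paper's JADE code) that simulates the flow of Figure 5 over the XML message format and message types described above: an IDS alert reaches the in-LAN ACE, the confirmed alert is turned into a policy by the PIE, and the PDP uses the Facilitator's white pages and yellow pages to find the PEPs that can apply each action and hand them a policy modification, which each PEP translates into a device rule. The element names, agent names, policy fields, the severity threshold used by the ACE and the device rule syntaxes are assumptions made for the example.

```python
"""Simulation of the reaction flow of Figure 5 (IDS -> ACE -> PIE -> PDP -> PEP)
over the XML message format described above, with a Facilitator offering the
white-pages and yellow-pages lookups the PDP uses to pick a PEP.
Added example, not the paper's JADE code: element names, agent names, policy
fields, the ACE severity threshold and the device rule syntaxes are assumed."""
import xml.etree.ElementTree as ET
from dataclasses import dataclass

# Message types listed for the paper's XML message format.
MESSAGE_TYPES = {"alert", "reaction", "policy request", "policy modification",
                 "policy modification validation", "decision", "synchronization"}

@dataclass
class Message:
    source: str
    destination: str
    mtype: str
    body: dict

    def to_xml(self) -> str:
        if self.mtype not in MESSAGE_TYPES:
            raise ValueError(f"unknown message type {self.mtype!r}")
        root = ET.Element("message", source=self.source,
                          destination=self.destination, type=self.mtype)
        for key, value in self.body.items():
            ET.SubElement(root, key).text = str(value)
        return ET.tostring(root, encoding="unicode")

    @classmethod
    def from_xml(cls, text):
        root = ET.fromstring(text)
        if root.tag != "message" or root.get("type") not in MESSAGE_TYPES:
            raise ValueError("not a well-formed reaction message")
        return cls(root.get("source"), root.get("destination"),
                   root.get("type"), {c.tag: c.text for c in root})

class Facilitator:
    """White pages: name -> address.  Yellow pages: name -> (type, actions)."""
    def __init__(self):
        self.white_pages, self.yellow_pages = {}, {}

    def register(self, name, address, dev_type, actions):
        self.white_pages[name] = address
        self.yellow_pages[name] = (dev_type, frozenset(actions))

    def search(self, dev_type=None, action=None):
        return sorted(name for name, (kind, acts) in self.yellow_pages.items()
                      if (dev_type is None or kind == dev_type)
                      and (action is None or action in acts))

class PEPAgent:
    # Assumed device syntaxes for turning a policy into a concrete rule.
    RULE_TEMPLATES = {
        ("firewall", "block_source"): "deny ip from {source} to any",
        ("fileserver", "revoke_access"): "revoke all on {share} from {source}",
    }

    def __init__(self, name, dev_type, address):
        self.name, self.dev_type, self.address = name, dev_type, address
        self.actions = {a for kind, a in self.RULE_TEMPLATES if kind == dev_type}

    def apply(self, policy: Message) -> str:
        """Translate a 'policy modification' message into a device rule."""
        template = self.RULE_TEMPLATES[(self.dev_type, policy.body["action"])]
        return template.format(**policy.body)

class PDPAgent:
    def __init__(self, facilitator, peps):
        self.facilitator, self.peps = facilitator, {p.name: p for p in peps}
        for pep in peps:  # each PEP registers itself; the Facilitator updates its databases
            facilitator.register(pep.name, pep.address, pep.dev_type, pep.actions)

    def deploy(self, policy: Message) -> dict:
        """Component Configuration Mapper: find the PEPs able to apply each action."""
        rules = {}
        for action in policy.body["actions"].split(","):
            names = self.facilitator.search(action=action)
            if not names:
                raise LookupError(f"no PEP registered for action {action!r}")
            for name in names:
                msg = Message("PDP", name, "policy modification",
                              {"action": action, "source": policy.body["source"],
                               "share": policy.body["share"]})
                rules[name] = self.peps[name].apply(msg)
        return rules

def run_reaction(alert_xml: str, pdp: PDPAgent) -> dict:
    """IDS alert -> in-LAN ACE -> PIE -> PDP -> PEPs; {} if the ACE rejects."""
    alert = Message.from_xml(alert_xml)
    if alert.mtype != "alert":
        raise ValueError("the flow starts with an alert")
    # ACE step: a severity threshold stands in for the DSS of section III.
    if alert.body["severity"] not in ("medium", "high"):
        return {}
    confirmed = Message(alert.destination, "PIE", "alert", alert.body)
    # PIE step: instantiate the reaction policy from the confirmed alert.
    policy = Message("PIE", "PDP", "policy modification",
                     {"source": confirmed.body["source_ip"], "share": "finance",
                      "actions": "block_source,revoke_access"})
    return pdp.deploy(policy)

def build_demo():
    """Facilitator and PDP with one firewall PEP and one file-server PEP."""
    fac = Facilitator()
    pdp = PDPAgent(fac, [PEPAgent("fw1", "firewall", "10.0.0.1"),
                         PEPAgent("fs1", "fileserver", "10.0.0.2")])
    return fac, pdp
```

Adding a new PEP is only a matter of constructing another `PEPAgent` with its own templates: it registers through the Facilitator and the PDP finds it by action, which is the openness property described above. An action with no registered PEP is reported as a `LookupError` rather than silently dropped, so an unenforced policy never passes for a successful reaction.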
III. DECISION SUPPORT ARCHITECTURE
Section 2 explains the MAS architecture developed to support
telecommunication security incident reaction. This section
explains the implementation of the decision mechanism for
incident reaction, the main objective of this paper. For that
reason the MAS architecture has deliberately been explained
before the Decision Support System (DSS) part, because
components of this architecture are used to illustrate the DSS.
One important challenge of the DSS is the management of
uncertainty. In our context uncertainty is defined as a situation
"caused by a lack of knowledge about the environment when
an agent needs to decide the truth of a statement."
Decision is a process [20] and consequently it may be
represented by its inputs and its outputs. For security
incident reaction, the inputs of the decision mechanism are for
instance the severity, duration and frequency of the alerts,
the impact on the system, or the criticality of the network for
the business, whereas the outputs are for instance the escalation
of the alert to the upper ACE or its confirmation to the PIE.
As explained by Yang [29], the decision-making mechanism
is composed of four pillars: Ontology, Bayesian Networks
(BN), Influence Diagrams (ID) and Virtual Knowledge Community
(VKC). In the framework of this paper, the VKC is not treated
because the first three pillars are enough to understand the
decision mechanism. The approach chosen to design the decision
mechanism is adapted from the research performed in Yang's thesis
to incident reaction through a MAS architecture. As a consequence,
our solution differs from and completes Yang's research, since
our DSS is illustrated by a real architecture for incident
reaction that is actually deployed in our research labs.
A. Ontology
Ontology is the first pillar and is defined as a formal,
explicit specification of a shared conceptualization [24]. An
ontology may be categorized as a domain ontology when it concerns
concepts and their relations from a single, well-defined domain,
or as a top-level ontology when it concerns very general,
domain-independent concepts. Ontology is the most important
pillar in that it will be adapted to support the second pillar,
the Bayesian Network, and the third pillar, the Influence
Diagram.
For the incident reaction system, the ontology is defined using
the Web Ontology Language (OWL). The Resource Description
Framework (RDF) syntax is the most commonly used way to model
information or meta-concepts in OWL. It may be implemented in
web resources and is structured as (subject, predicate, object)
triples. Figure 6 illustrates an RDF graph. Both subject and
object are resources, whereas the predicate is an attribute or a
relation used to describe a resource.
Fig. 6: RDF graph
Fig. 7: Dependency graph
In parallel to the MAS architecture developed in section 2,
we need a DSS to decide the transfer of an alert from the
IDS to the in-LAN ACE (the ACE agent located in the Local Area
Network where the alert is sent), the forwarding of that alert
to an upper ACE, and the confirmation of the alert to the PIE.
This is formalized using OWL as explained in Figure 8. On
that figure, ovals stand for OWL classes, solid arrows stand
for RDF predicates, dashed arrows for influence relations and
rounded rectangles for sets of domain values.
Fig. 8: Decision system for alert transfer using OWL
B. OntoBayes
The ontology developed in the previous section permits to
formalize the concepts encompassed in the MAS architecture as
well as their relations. However, at that level of formalization,
the uncertainty challenge remains unaddressed and the agents
still need a decision mechanism to take their decisions.
OntoBayes is an extension of OWL with two features:
Bayesian Networks (BNs) and Influence Diagrams (IDs). BNs
address uncertainty and IDs support the decision process.
1) Bayesian networks extension: In probability theory, Bayes'
theorem is a simple mathematical formula used for calculating
conditional probabilities [27]. It means that the calculation
of a probability depends on prior knowledge that could itself be
considered uncertain, e.g. the probability that an alert has
medium severity given that the impact on the system is high.
Such a conditional probability is written
P(alert.severity|system.impact).
The BN extension of OWL introduces the parameters of that
formula by specifying two perspectives: a qualitative
perspective and a quantitative perspective. The qualitative
perspective specifies the random variables explicitly as well
as their dependencies, and the quantitative perspective
associates numerical information to those variables.
The specification of random variables and their dependencies
is performed by introducing the new OWL property element
<owl:ObjectProperty rdf:ID="dependsOn" /> and can be
represented graphically as illustrated in Figure 7.
Accordingly, the qualitative extension may be represented by
the two Bayesian graph models of Figure 9, extracted from the
OWL graph model of Figure 7.
Fig. 9: Bayesian graph models
The ovals represent Bayesian variables and the arrows
specify their relations. The graphs are to be read as follows.
Example 1: the alert that is forwarded from an out-LAN ACE (an
ACE agent located in a Local Area Network other than the one
where the alert is sent, as opposed to the in-LAN ACE) to the
network upper ACE has an influence on the confirmation of the
alert that is sent from the upper ACE to the PIE. Example 2:
the severity of the alert has an influence on the action of
sending the alert to the in-LAN ACE. Such dependencies are
translated with the new OWL dependsOn element, as shown in
Figure 10 for the dependency of alert.severity on system.impact.
<owl:Class rdf:ID="alert.severity">
  <owl:Restriction>
    <owl:onProperty>
      <owl:ObjectProperty rdf:ID="dependsOn" />
    </owl:onProperty>
    <owl:hasValue rdf:resource="#system.impact" />
  </owl:Restriction>
</owl:Class>
Fig. 10: Dependency encoding
The quantitative extension associates a probability table with
the Bayesian variables. For the above example, Table I provides
the conditional probabilities P(alert.severity|system.impact);
it corresponds to the Bayesian variables database of Figure 5.
TABLE I: Bayesian variables value probability
ProbCell  hasPParameters                               hasPValue
Cell 1    alert.severity=low|system.impact=low         0.6
Cell 2    alert.severity=medium|system.impact=low      0.3
Cell 3    alert.severity=high|system.impact=low        0.1
Cell 4    alert.severity=low|system.impact=medium      0.2
Cell 5    alert.severity=medium|system.impact=medium   0.5
Cell 6    alert.severity=high|system.impact=medium     0.3
Cell 7    alert.severity=low|system.impact=high        0.1
Cell 8    alert.severity=medium|system.impact=high     0.3
Cell 9    alert.severity=high|system.impact=high       0.6
For example, the first line of Table I means that when the
impact on the system is low, the severity of the alert is most
probably low. Conversely, when the impact on the system is low,
the chance that the alert severity is high is minimal (in
general):
P[alert.severity = high | system.impact = low] = 0.1
Since, for a fixed value of system.impact, the conditional
distribution over alert.severity must sum to one (law of total
probability), each group of three cells satisfies:
P[alert.severity = low | system.impact = low]
+ P[alert.severity = medium | system.impact = low]
+ P[alert.severity = high | system.impact = low]
= 0.6 + 0.3 + 0.1
= 1
The conditional probabilities from Table I are encoded as
follows (Figure 11):
<owl:Class rdf:ID="Alert">
  <CondProbDist rdf:ID="table_1">
    <hasPCell>
      <ProbCell rdf:ID="Cell_1">
        <hasPParameters rdf:datatype="#string">
          alert.severity=low|system.impact=low
        </hasPParameters>
        <hasPValue rdf:datatype="#float">0.6</hasPValue>
      </ProbCell>
    </hasPCell>
    ...
  </CondProbDist>
</owl:Class>
Fig. 11: Bayesian variables value probability encoding
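As an added example (not part of the paper), the block below reads a conditional probability table out of an OWL/RDF document shaped like Figure 11, applies the law of total probability check discussed above to every row of Table I, and uses Bayes' theorem to invert P(alert.severity|system.impact) into P(system.impact|alert.severity), which is the direction an ACE actually needs when it observes a severity. The namespace URIs, the element names ProbCell/hasPParameters/hasPValue and the prior over system.impact are assumptions; the nine probabilities are those of Table I.

```python
"""Parse an OntoBayes-style conditional probability table (CPT) out of an
OWL/RDF document shaped like Figure 11, check it is a valid conditional
distribution, and invert it with Bayes' theorem.
Added example (not the paper's code).  Namespace URIs, the element names
ProbCell/hasPParameters/hasPValue and the prior over system.impact are
assumptions; the nine cells carry the values of Table I."""
import xml.etree.ElementTree as ET
from collections import defaultdict

NS = {  # assumed namespace URIs; the paper abbreviates them
    "rdf": "http://www.w3.org/1999/02/22-rdf-syntax-ns#",
    "owl": "http://www.w3.org/2002/07/owl#",
    "ob": "http://example.org/ontobayes#",
}
XSD = "http://www.w3.org/2001/XMLSchema#"

# (severity, impact, P(severity | impact)) as in Table I.
TABLE_I = [
    ("low", "low", 0.6), ("medium", "low", 0.3), ("high", "low", 0.1),
    ("low", "medium", 0.2), ("medium", "medium", 0.5), ("high", "medium", 0.3),
    ("low", "high", 0.1), ("medium", "high", 0.3), ("high", "high", 0.6),
]

def _cell_xml(i, severity, impact, p):
    """One ProbCell in the shape of Figure 11 (constructed)."""
    return ('<ob:hasPCell><ob:ProbCell rdf:ID="Cell_%d">' % i
            + '<ob:hasPParameters rdf:datatype="%sstring">' % XSD
            + 'alert.severity=%s|system.impact=%s</ob:hasPParameters>' % (severity, impact)
            + '<ob:hasPValue rdf:datatype="%sfloat">%s</ob:hasPValue>' % (XSD, p)
            + '</ob:ProbCell></ob:hasPCell>')

# Constructed sample document carrying the whole of Table I.
SAMPLE_OWL = (
    '<rdf:RDF xmlns:rdf="%s" xmlns:owl="%s" xmlns:ob="%s">' % (NS["rdf"], NS["owl"], NS["ob"])
    + '<owl:Class rdf:ID="Alert"><ob:CondProbDist rdf:ID="table_1">'
    + "".join(_cell_xml(i, s, m, p) for i, (s, m, p) in enumerate(TABLE_I, 1))
    + "</ob:CondProbDist></owl:Class></rdf:RDF>"
)

def parse_cpt(owl_text: str) -> dict:
    """Return cpt[impact][severity] = P(alert.severity=severity | system.impact=impact)."""
    root = ET.fromstring(owl_text)
    cpt = defaultdict(dict)
    for cell in root.iterfind(".//ob:ProbCell", NS):
        params = cell.find("ob:hasPParameters", NS).text.strip()
        value = float(cell.find("ob:hasPValue", NS).text)
        lhs, rhs = params.split("|")       # "alert.severity=low|system.impact=low"
        var, severity = lhs.split("=")
        cond, impact = rhs.split("=")
        if var != "alert.severity" or cond != "system.impact":
            raise ValueError(f"unexpected parameters {params!r}")
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"probability out of range in {params!r}")
        cpt[impact][severity] = value
    return dict(cpt)

def check_total_probability(cpt: dict, tol: float = 1e-9) -> bool:
    """Every conditional distribution P(. | system.impact=x) must sum to one."""
    return all(abs(sum(row.values()) - 1.0) <= tol for row in cpt.values())

def posterior_impact(cpt: dict, severity: str, prior: dict) -> dict:
    """Bayes' theorem: P(impact | severity) = P(severity | impact) P(impact) / P(severity)."""
    joint = {imp: cpt[imp][severity] * prior[imp] for imp in prior}
    evidence = sum(joint.values())
    if evidence == 0.0:
        raise ValueError(f"severity {severity!r} has zero probability under the prior")
    return {imp: j / evidence for imp, j in joint.items()}

# Assumed prior over system.impact; the paper does not give one.
PRIOR_IMPACT = {"low": 0.5, "medium": 0.3, "high": 0.2}
```

With this prior, observing a high-severity alert moves the belief that the impact is high from 0.2 to 12/26 (about 0.46); the row check rejects a table whose cells have been edited so that a row no longer sums to one, which is the consistency condition the text derives for cells 1 to 3.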
2) Influence diagrams extension: The ID extension aims at
representing and analyzing a decisional model to support
the decision-making process. The literature on IDs [17], [18]
shows that decision mechanisms are composed of three types of
nodes: 1) Chance nodes, which represent variables that are not
controlled by the decision maker, 2) Decision nodes, which
represent the choices available to the decision maker, and
3) Utility nodes, which represent the agent's utility functions.
Additionally, [25] explains that three types of arcs express
the relationships between nodes: I) Information arcs
(isKnownBy), which point out the information available to the
decision maker when deciding, II) Conditional arcs (influenceOn),
which point out a probabilistic dependency on the associated
variable, and III) Functional arcs (attributeOf), which point
out the variables used by utility nodes as decision criteria.
Fig. 12: IDs graph model of alert transfer
Based on that structure of decisional model, the alert transfer
may be represented as in Figure 12. Ovals stand for Chance
nodes, rectangles for Decision nodes, and diamonds for Utility
nodes. The information arcs relate to all information observed
before making a decision, and the conditional arcs relate to
data issued from Chance nodes and considered as evidence for
the Decision nodes.
Additionally, to make a decision, the deciding agent needs to
have its preferences quantified over a set of attributes. In
[7], Butler et al. use multi-attribute utility theory (MAUT)
to quantify a preference with a numerical value. The best
preference has the highest value whereas the worst has the
lowest one. To achieve that, the Utility node is associated with
a utility table that gathers the preferences for all decision
choices. Table II shows these preferences for the in-LAN ACE
alert sending decision and corresponds to the utility database
in Figure 5.
TABLE II: Utility table for in-LAN ACE alert sending
UtilityCell  hasUParameters                                  hasUValue
Cell 1       send(alert.InLanACE)=yes,severity.alert=low      -80
Cell 2       send(alert.InLanACE)=yes,severity.alert=medium    50
Cell 3       send(alert.InLanACE)=yes,severity.alert=high     100
Cell 4       send(alert.InLanACE)=no,severity.alert=low        80
Cell 5       send(alert.InLanACE)=no,severity.alert=medium     40
Cell 6       send(alert.InLanACE)=no,severity.alert=high     -100
Figure 13 shows the encoding of the Table II utility table
for in-LAN ACE alert sending.
<owl:Class rdf:ID="send(alert.InLanACE)">
  <owl:Restriction>
    <owl:onProperty>
      <owl:ObjectProperty rdf:ID="attributeOf" />
    </owl:onProperty>
    <owl:hasValue rdf:resource="#U1" />
  </owl:Restriction>
  ...
  <rdfs:subClassOf rdf:resource="#DecisionNode" />
</owl:Class>
<owl:Class rdf:ID="severity.alert">
  ...
  <rdfs:subClassOf rdf:resource="#ChanceNode" />
</owl:Class>
<owl:Class rdf:ID="U1">
  <UtilityTable rdf:ID="table_2">
    <hasUCell>
      <UtilityCell rdf:ID="cell_1">
        <hasUParameters rdf:datatype="#string">
          send(alert.InLanACE)=yes,severity.alert=low
        </hasUParameters>
        <hasUValue rdf:datatype="#float">-80</hasUValue>
      </UtilityCell>
    </hasUCell>
    ...
    <hasUCell>
      <UtilityCell rdf:ID="cell_6">
        <hasUParameters rdf:datatype="#string">
          send(alert.InLanACE)=no,severity.alert=high
        </hasUParameters>
        <hasUValue rdf:datatype="#float">-100</hasUValue>
      </UtilityCell>
    </hasUCell>
  </UtilityTable>
</owl:Class>
Fig. 13: Utility encoding
As seen in Figure 7, a sequential path exists between the
decisions. Indeed, some decisions depend on previous decisions
and, as a consequence, a previous decision (Decision node)
becomes a Chance node for the next decision. Figure 12
illustrates that send(alert.InLanACE) is at the same time a
Decision node and a Chance node that is known by the decision
node alertForward2(InLanACE, UpperACE).
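The following added example (not the paper's code) evaluates the decision node send(alert.InLanACE) of Figure 12 against the chance node severity.alert with the utilities of Table II: it computes the expected utility of each choice under a belief over the severity, derives the decision policy the agent follows once the severity is known through the isKnownBy arc, exposes that policy as the chance node seen by the next decision alertForward2(InLanACE, UpperACE), and computes the expected value of perfect information, i.e. the most that a more precise view from the upper layer could add. The belief vectors are constructed inputs; the evaluation rule (maximum expected utility) is the standard influence-diagram semantics rather than something stated in the paper.

```python
"""Expected-utility evaluation of the decision node send(alert.InLanACE) of
Figure 12 against the chance node severity.alert, with the utilities of
Table II (MAUT).  Added example, not the paper's code; belief vectors over
severity.alert are constructed inputs."""

DECISIONS = ("yes", "no")
SEVERITIES = ("low", "medium", "high")

# Table II: utility of each (decision, severity) combination.
UTILITY = {
    ("yes", "low"): -80, ("yes", "medium"): 50, ("yes", "high"): 100,
    ("no", "low"): 80, ("no", "medium"): 40, ("no", "high"): -100,
}

def expected_utility(decision: str, belief: dict) -> float:
    """EU(d) = sum over s of P(s) * U(d, s) for a belief P over severity.alert."""
    if abs(sum(belief.values()) - 1.0) > 1e-9:
        raise ValueError("belief must be a probability distribution")
    return sum(belief.get(s, 0.0) * UTILITY[(decision, s)] for s in SEVERITIES)

def best_decision(belief: dict) -> tuple:
    """Decision maximising expected utility, returned as (decision, EU)."""
    return max(((d, expected_utility(d, belief)) for d in DECISIONS),
               key=lambda pair: pair[1])

def decision_policy() -> dict:
    """When severity.alert is observed (information arc isKnownBy), the decision
    reduces to the best row of Table II for each severity value."""
    return {s: max(DECISIONS, key=lambda d: UTILITY[(d, s)]) for s in SEVERITIES}

def send_as_chance_node(belief: dict) -> float:
    """P(send(alert.InLanACE)=yes) as seen by the next decision
    alertForward2(InLanACE, UpperACE), for which the earlier decision is a
    chance node: the agent applies decision_policy() to the true severity."""
    policy = decision_policy()
    return sum(p for s, p in belief.items() if policy[s] == "yes")

def value_of_perfect_information(belief: dict) -> float:
    """EVPI = E[max_d U(d, s)] - max_d E[U(d, s)]: the most that learning the
    exact severity (e.g. from the upper layer's global view) could be worth."""
    with_info = sum(belief[s] * max(UTILITY[(d, s)] for d in DECISIONS)
                    for s in belief)
    return with_info - best_decision(belief)[1]
```

Under a uniform belief the agent sends (EU 23.3 against 6.7), while a belief concentrated on low severity makes it withhold the alert; with the policy low: no, medium: yes, high: yes, the next decision sees P(send=yes) = P(medium) + P(high). A large EVPI is the quantitative form of the escalation argument in the conclusion: the upper layer's more precise state is worth asking for only when it can change the decision.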
IV. CONCLUSION
In this paper we have presented a global solution developed
for an incident reaction system based on a policy regulation
strategy. The solution is composed firstly of a MAS, which
offers the advantage of reacting quickly and efficiently
against an attack while being adapted to distributed networks,
and secondly of a decision support system that helps agents
to make decisions based on utility preference values. This is
achieved by taking uncertainty into account through Bayesian
networks and influence diagrams.
The decision support system has been explained for the
transfer of an alert from the alert correlation engine to the
policy instantiation engine. Other decision points exist in
the architecture. All of them could be handled with the decision
support system, but they are not explained in this paper.
An important advantage of this decision support system is
its capability to take decisions at different points of the
network. If more knowledge is needed to take a decision, the
higher layer gives a global view of the whole system and is able
to take decisions based on a more precise state of the system.
Future work based on these achievements will be the
specification of a protocol, the specification of the messages
and thus a service-oriented reaction methodology. This protocol
and methodology will be dedicated to the architecture presented
in this paper and will address the interoperability issues with
regard to policy representation and modeling.
ACKNOWLEDGMENT
This research was funded by the National Research Fund
of Luxembourg in the context of TITAN (Trust-Assurance for
Critical Infrastructures in Multi-Agents Environments, FNR
CO/08/IS/21) project.
REFERENCES
[1] Agnar Aamodt and Enric Plaza. Case-based reasoning: Foundational
issues, methodological variations, and system approaches. AI Commun.,
7(1):39–59, 1994.
[2] Cataldo Basile, Antonio Lioy, Gregorio Martínez Pérez, Félix J. García
Clemente, and Antonio F. Gómez-Skarmeta. POSITIF: A policy-based
security management system. In POLICY, page 280. IEEE Computer
Society, 2007.
[3] F. Bellifemine, G. Caire, A. Pogg, and G. Rimassa. Jade - a white paper.
Technical Report 3, Telecom Italia Lab, EXP Online, 2003.
[4] Fabio Bellifemine, Agostino Poggi, and Giovanni Rimassa. Jade - a
fipa-compliant agent framework. Technical report, CSELT, 1999.
[5] Elisa Bertino, Alessandra Mileo, and Alessandro Provetti. Pdl with
preferences. In POLICY, pages 213–222. IEEE Computer Society, 2005.
[6] E. Bulut, D. Khadraoui, and B. Marquet. Multi-agent based secu-
rity assurance monitoring system for telecommunication infrastructures.
Network, and Information Security conference (CNIS 2007), Berkeley,
California, USA, 2007.
[7] John Butler, Douglas J. Morrice, and Peter W. Mullarkey. A multiple
attribute utility theory approach to ranking and selection. Manage. Sci.,
47(6):800–816, 2001.
[8] Carlos Carrascosa, Javier Bajo, Vicente Julián, Juan M. Corchado, and
Vicente J. Botti. Hybrid multi-agent architecture as a real-time problem-
solving model. Expert Syst. Appl., 34(1):2–17, 2008.
[9] A. Cuevas, P. Serrano, J. I. Moreno, C. J. Bernardos, J. Jähnert, and R. L.
Aguiar. Usability and evaluation of a deployed 4G network prototype.
Journal of Communications and Networks, Vol. 7 (2), 2008.
[10] Nicodemos Damianou, Naranker Dulay, Emil Lupu, and Morris Sloman.
The ponder policy specification language. In Morris Sloman, Jorge
Lobo, and Emil Lupu, editors, POLICY, volume 1995 of Lecture Notes
in Computer Science, pages 18–38. Springer, 2001.
[11] H. Debar, D. Curry, and B. Feinstein. The Intrusion Detection Message
Exchange Format (IDMEF). RFC 4765, 2007.
[12] C. Feltus, D. Khadraoui, B. de Rémont, and A. Rifaut. Business
governance based policy regulation for security incident response.
IEEE Global Infrastructure Symposium, 2007.
[13] FIPA. http://www.fipa.org/.
[14] B. Gâteau. Modélisation et Supervision d'Institutions Multi-Agents. PhD
thesis, École Supérieure des Mines de Saint-Étienne, 2007.
[15] B. Gâteau, D. Khadraoui, and C. Feltus. Multi-agents system service
based platform in telecommunication security incident reaction. IEEE
Global Information Infrastructure Symposium, 2009.
[16] Benjamin Gâteau, Djamel Khadraoui, Christophe Feltus, and Benoît De
Rémont. Multi-agents based architecture for IS security incident reaction.
In RIVF, 2008.
[17] R. A. Howard and J.E. Matheson. Influence diagrams. Decision Analysis,
pages 127–143, 2005.
[18] Finn V. Jensen. Bayesian Networks and Decision Graphs (Information
Science and Statistics). Springer, July 2001.
[19] L. J. LaPadula. State of the art in anomaly detection and reaction
technical report mp 99b0000020. Mitre, July 1999.
[20] H. D. Lasswell. The decision process; seven categories of functional
analysis. College of Business and Public Administration, University of
Maryland, 1956.
[21] Kun-Yung Lu and Chun-Chin Sy. A real-time decision-making of
maintenance using fuzzy agent. Expert Syst. Appl., 36(2):2691–2698,
2009.
[22] M. Petkac and Lee Badger. Security agility in response to intrusion
detection. In ACSAC, pages 11–20. IEEE Computer Society, 2000.
[23] G.L.F. Santos, Z. Abdelouahab, R.A. Dias, C.F.L. Lima, E. Nascimento,
and E.M. Cochra. An automated response approach for intrusion
detection security enhancement. Software Engineering and Applications,
2003.
[24] Rudi Studer, V. Richard Benjamins, and Dieter Fensel. Knowledge
engineering: Principles and methods. Data Knowl. Eng., 25(1-2):161–
197, 1998.
[25] J.A. Tatman and R.D. Shachter. Dynamic programming and influence
diagrams. IEEE Transactions on Systems, Man, and Cybernetics,
20(2):365–379, 1990.
[26] Joseph Chee Ming Teo, Chik How Tan, and Jim Mee Ng. Denial-of-
service attack resilience dynamic group key agreement for heterogeneous
networks. Telecommunication Systems, 35(3-4):141–160, 2007.
[27] Bayes theorem. http://plato.stanford.edu/entries/bayes-theorem/.
[28] Gustavo A. Santana Torrellas and Luis A. Villa Vargas. Modelling a
flexible network security systems using multi-agents systems: security
assessment considerations. In ISICT, volume 49 of ACM International
Conference Proceeding Series, pages 365–371. Trinity College Dublin,
2003.
[29] Y. Yang. A framework for decision support systems adapted to uncertain
knowledge. PhD thesis, University of Karlsruhe, 2007.
[30] R. Yu, B. Iung, and H. Panetto. A multi-agents based e-maintenance
system with case-based reasoning decision support. Engineering Appli-
cations of Artificial Intelligence, pages 321–333.