The integration of Network Intrusion Detection
Systems (Network IDS) in industrial networks has improved
the security of these systems due to their ability to analyze
network traffic in order to detect potential system intrusions.
Unfortunately, their detection scope is often limited to strategic
network locations and may therefore not be capable of detecting
intrusions occurring at other system locations (e.g., specific
devices). Hence, it is necessary to increase their detection scope
by further analyzing additional information pertaining to other
system components. The introduction of these new information
sources adds more complexity to the intrusion detection problem,
as it is not only necessary to identify them, but it is also
required to define how their authentication, capture and analysis
are to be carried out. Multi-Agent Systems are an architectural
paradigm that can deal with such complexity. This paper presents
a Multi-Agent approach for hybrid intrusion detection that
takes into consideration the aforementioned challenges. This approach comprises a Multi-Agent hybrid intrusion detection
architecture designed according to a set of properties. These
properties consider IDS-specific requirements. It also takes into
consideration current trends in the field of Multi-Agent Systems
to provide security, scalability and adaptability across multiple
systems. The feasibility of this approach is validated through a
prototypical implementation.