Details
ISBN: (Print) 076952611X
The objective of the attack recognition effort is to develop inference and correlation technologies that can detect complex multi-stage attacks in Mobile Ad hoc Network (MANET) environments, where reliance on centralized mechanisms or fixed relationships is unattainable. This work is supported by the Army Research Laboratory (ARL) Collaborative Technology Alliance (CTA). Technical Area 4 encompasses tactical information protection involving attack recognition and event dissemination; attack recognition is the focus of this study. Previous work has shown the ability to recognize malicious activity using a variety of statistical or fuzzy inference techniques. This research focuses on the next course of action after an attack takes place. This paper reports on an ongoing research effort to give a network the capability to recover from an attack. This capability is based on the use of modified algorithms traditionally found in graph theory by an intelligent agent-based framework. The agent-based framework is a collection of cooperative agents capable of raw packet data collection, comparison of metadata to a knowledge base, and the production of a decision.