A multi-agent approach for hybrid intrusion detection in industrial networks: Design and implementation

Cyntia Vargas Martinez, Michael Sollfrank, Birgit Vogel-Heuser

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

5 Scopus citations

Abstract

The integration of Network Intrusion Detection Systems (Network IDS) in industrial networks has improved the security of these systems due to their ability to analyze network traffic in order to detect potential system intrusions. Unfortunately, their detection scope is often limited to strategical network locations and may therefore not be capable to detect intrusions occurring at other system locations (e.g., specific devices). Hence, it is necessary to increase their detection scope by further analyzing additional information pertaining to other system components. The introduction of these new information sources adds more complexity to the intrusion detection problem, as it is not only necessary to identify them, but it is also required to define how their authentication, capture and analysis is to be carried out. Multi-Agent Systems are an architectural paradigm that can deal with such complexity. This paper presents a multi-agent approach for hybrid intrusion detection that takes into consideration the aforementioned challenges. This approach is comprised of a multi-agent hybrid intrusion detection architecture designed according to a set of properties. These properties consider IDS-specific requirements. It also takes into consideration current trends in the field of Multi-Agent Systems to provide security, scalability and adaptability across multiple systems. The feasibility of this approach is validated through a prototypical implementation.

Original languageEnglish
Title of host publicationProceedings - 2019 IEEE 17th International Conference on Industrial Informatics, INDIN 2019
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages351-357
Number of pages7
ISBN (Electronic)9781728129273
DOIs
StatePublished - Jul 2019
Event17th IEEE International Conference on Industrial Informatics, INDIN 2019 - Helsinki-Espoo, Finland
Duration: 22 Jul 201925 Jul 2019

Publication series

NameIEEE International Conference on Industrial Informatics (INDIN)
Volume2019-July
ISSN (Print)1935-4576

Conference

Conference17th IEEE International Conference on Industrial Informatics, INDIN 2019
Country/TerritoryFinland
CityHelsinki-Espoo
Period22/07/1925/07/19

Keywords

  • Agent Architecture
  • Industrial Network Security
  • Intrusion Detection
  • Multi-Agent Systems (MAS)

Fingerprint

Dive into the research topics of 'A multi-agent approach for hybrid intrusion detection in industrial networks: Design and implementation'. Together they form a unique fingerprint.

Cite this