Proceedings Paper

Mining security events in a distributed agent society
Author(s): D. Dasgupta; J. Rodríguez; S. Balachandran

Paper Abstract

In a distributed agent architecture, tasks are performed on multiple computers which are sometimes spread across different locations. While it is important to collect security-critical sensory information from the agent society, it is equally important to analyze and report such security events in a precise and useful manner. Data mining techniques are found to be very efficient in the generation of security event profiles. This paper describes the implementation of such a security alert mining tool, which generates profiles of security events collected from a large agent society. In particular, our previous work addressed the development of a security console to collect and display alert messages (IDMEF) from a Cougaar (agent) society. These messages are then logged in an XML database for further off-line analysis. In our current work, stream mining algorithms are applied for sequencing and generating frequently occurring episodes, and then finding association rules among frequent candidate episodes. This alert miner could profile the most prevalent patterns as indications of frequent attacks in a large agent society.

Paper Details

Date Published: 18 April 2006
PDF: 12 pages
Proc. SPIE 6241, Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2006, 62410A (18 April 2006); doi: 10.1117/12.661003
Author Affiliations:
D. Dasgupta, Univ. of Memphis (United States)
J. Rodríguez, Univ. of Memphis (United States)
S. Balachandran, Univ. of Memphis (United States)


Published in SPIE Proceedings Vol. 6241:
Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2006
Belur V. Dasarathy, Editor(s)

© SPIE