Author: Zaki M. Hamouda A.
Publisher: Springer Publishing Company
ISSN: 0925-9902
Source: Journal of Intelligent Information Systems, Vol.35, Iss.1, 2010-08, pp. : 123-155
Disclaimer: Any content in publications that violate the sovereignty, the constitution or regulations of the PRC is not accepted or approved by CNPIEC.
Abstract
With the explosive growth of Internet applications, the threats of network worms against computer systems and network security are seriously increasing. Many recent researches concentrate on providing a propagation model and early warning. In fact, the defense against worms in a realistic environment is an open problem. In this work, we present WSRMAS (worm spreading_reduction multi_agent system) as a system that includes a worm defense mechanism to considerably reduce the rate at which hosts are infected. As WSRMAS needs a suitable infra-structure, its architecture was elaborated and an agent platform was designed and implemented to support WSRMAS functions. The proposed system was provided once with a centralized plan and second with a decentralized (distributed) plan. In both cases the system performance was evaluated. Also different communication capabilities using Knowledge Query Manipulation Language (KQML) were exploited to improve WSRMAS performance. The ratio between worm and anti-worm spreading was studied to investigate its influence on the defense efficiency. Taking into account that some machines may not deploy WSRMAS, consequently, the effectiveness of WSRMAS under different operational conditions has been studied.
Related content
By Erden Mustafa Suphi Leblebicioğlu Kemal Halici Uğur
Journal of Intelligent and Robotic Systems, Vol. 39, Iss. 3, 2004-03 ,pp. :