Categorization of malicious behaviors using ontology-based cognitive agents

摘要

Every organization uses computer networks (consisting of networks of networks) for resource sharing (i.e. printer, files, etc.) and communication. Computer networks today are increasingly complex, and managing such networks requires specialized expertise. Monitoring systems help network administrators in monitoring and protecting their network by not allowing users to run illegal application or changing the configuration of network nodes. In this paper we have developed an agent based system for activity monitoring on networks (ABSAMN) and proposed Categorization of Malicious Behaviors using Cognitive Agents (CMBCA). This uses ontology to predict unknown illegal applications based on known illegal application behaviors. CMBCA is an intelligent multi agent system used to detect known and unknown malicious activities carried out users over the network. We have compared An Agent Based System for Activity Monitoring on Network (ABSAMN) and Categorization of Malicious Behaviors using Cognitive Agents (CMBCA) concurrently at the university campus having seven labs equipped with 20 to 300 PCs in various labs. Both systems were tested on the same configuration; results indicate that CMBCA outperforms ABSAMN in every aspect.