Title: MONI: Mobile Agents Ontology based for Network Intrusions Management

Authors: Thomas Ndie Djotio, Claude Tangha, Florette Ngangue Tchangoue, Bernabe Batchakui

Addresses: LABORIMA – Ecole Nationale Superieure Polytechnique, Universite de Yaounde I, P.O. Box 8390, Yaounde, Cameroun; LABORIMA – Ecole Nationale Superieure Polytechnique, Universite de Yaounde I, P.O. Box 8390, Yaounde, Cameroun; Universite de Paris XII, Val-de-Marne, Faculte des Sciences et Technologie, Departement Informatique, 61, avenue du General de Gaulle, 94010 Creteil Cedex, France; LABORIMA – Ecole Nationale Superieure Polytechnique, Universite de Yaounde I, P.O. Box 8390, Yaounde, Cameroun

Abstract: In this paper we address the issues of organisation, representation, management and operational use of knowledge in network-based IDS and IPS, in order to reduce the number of false positives and false negatives in these systems. Our approach is based on a Network Intrusion Management-Centric Ontology Model (NIM-COM) for structuring knowledge in order to make the knowledge of systems more complete, generic and reusable. NIM-COM implements a set of concepts that NIDS/NIPS need to manipulate to obtain efficiency. We propose MONI (Mobile Agents Ontology based for Network Intrusions Management), a Multi-Agent System for operating the knowledge base constructed on NIM-COM.

Keywords: intrusion detection; intrusion prevention; knowledge base; ontology models; multi-agent systems; MAS; misused approach; behavioural-based approach; networks; false positives; false negatives; agent-based systems; mobile agents; network intrusions.

DOI: 10.1504/IJAMC.2008.020181

International Journal of Advanced Media and Communication, 2008 Vol.2 No.3, pp.288 - 307

Published online: 07 Sep 2008
