A hierarchical mobile-agent-based security operation center

Jung Shian Li, Che Jen Hsieh, Husan Yeh Lin

Research output: Contribution to journalArticlepeer-review

9 Citations (Scopus)

Abstract

The continuous evolvement of the e-domain has led to a significant increase in the amount of sensitive personal information stored on networked hosts. These hosts are invariably protected by security mechanisms such as intrusion detection systems, Intrusion Prevention System (IPS), antivirus software, firewalls, and so forth. However, they still remain vulnerable to the threat of malicious attacks, theft and intrusion. The high false positive alarm rate of such mechanisms is particularly troublesome because false alarms greatly degrade the efficiency of the security framework. Security operation centers (SOCs) provide an automated solution for analyzing the threat to a network such that appropriate protective measures can be put in place. This paper proposes a novel hierarchical mobile-agent-based SOC to overcome the vulnerability of traditional static SOCs to single point of failure attacks. In addition, the network is partitioned into multiple divisions, each with its own alert detection and aggregation methodology to improve the computational efficiency of the data collection and fusion process. The data acquired in the various divisions are fused and correlated in an efficient manner via intrusion detection message exchange format, XML, session and timer methods The experimental results confirm the effectiveness and efficiency of the proposed hierarchical mobile-agent-based SOC framework.

Original languageEnglish
Pages (from-to)1503-1519
Number of pages17
JournalInternational Journal of Communication Systems
Volume26
Issue number12
DOIs
Publication statusPublished - 2013 Dec 1

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Electrical and Electronic Engineering

Fingerprint Dive into the research topics of 'A hierarchical mobile-agent-based security operation center'. Together they form a unique fingerprint.

Cite this