Abstract
The paper considers the approach to investigation of distributed cooperative cyber-defense mechanisms against network infrastructure oriented attacks (Distributed Denial of Service, network worms, botnets, etc.). The approach is based on the agent-based simulation of cyber-attacks and cyber-protection mechanisms which combines discrete-event simulation, multi-agent approach and packet-level simulation of network protocols. The various methods of counteraction against cyber-attacks are explored by representing attack and defense components as agent teams using the software simulation environment under development. The teams of defense agents are able to cooperate as the defense system components of different organizations and Internet service providers (ISPs). The paper represents the common framework and implementation peculiarities of the simulation environment as well as the experiments aimed on the investigation of distributed network attacks and defense mechanisms.
Highlights
Today we are in growing dependence from information and telecommunication technologies
The further use of them becomes impossible without appropriate protection mechanisms and effective homeland security solutions
The cyber-defense systems have to be adaptive and evolve dynamically with the change of network conditions. To implement these possibilities in prospective cyber-defense system one must implement the dynamic behavior, autonomy and adaptation of particular components, the use of methods based on negotiations and cooperation that lie in the basis of multi-agent systems and autonomic computing
Summary
Today we are in growing dependence from information and telecommunication technologies. The important problem in homeland security which solution is urgently needed is the investigation of counteraction between malefactors and defense systems in computer networks, including the Internet, and the creation of prospective intelligent cyber-defense systems [20]. The effective cyber-defense should include the mechanisms of attack prevention, detection, source tracing and protection as well as can only be achieved by the cooperation of different distributed components [17, 18]. The cyber-defense systems have to be adaptive and evolve dynamically with the change of network conditions To implement these possibilities in prospective cyber-defense system one must implement the dynamic behavior, autonomy and adaptation of particular components, the use of methods based on negotiations and cooperation that lie in the basis of multi-agent systems and (or) autonomic computing. The prospective cyber-defense system has to provide at least three levels of cybersecurity (Fig. 2)
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
