A multi-agents system for network security management

The openness of business toward telecommunication networks in general and Internet in particular is performed at the prize of high security risks. Every professional knows that the only way to secure completely a private network is to make it unreachable. However, even if this solution was undertaken for many years, nowadays it is not possible to close private network especially for business purpose. Thus, security management becomes an important issue that must be considered carefully. The focus of our work concerns one critical security management issue that is intrusion detection. Some drawbacks of existing systems reveal the necessity of designing a new generation of self-adaptive systems. In fact, self-control, flexibility, adaptability, autonomy and distribution are the main features to be addressed in a suitable architecture that fulfils these requirements. The introduction of multi-agents system (MAS) in a network seems so promising to enable network entities to perform adaptive and "intelligent" behavior. "Intelligence" means that network entities provide reasoning capabilities, exhibit behavior autonomy, adaptability, interaction, communication and co-operation in order to reach specified goals. In this context, we propose a new approach for security management using intelligent agent (IA) technology. This approach provides a flexible integration of multi-agent technique in a classical network to enhance its protection level against inherent attacks.