Multi-agent Systems for Dynamic Forensic Investigation

Phillip Kendrick, Abir Jaafar Hussain, Natalia Criado

Research output: Chapter in Book/Report/Conference proceeding; Chapter; peer-review

1 Citation (Scopus)

Abstract

In recent years Multi-Agent Systems have proven to be a useful paradigm for areas where inconsistency and uncertainty are the norm. Network security environments suffer from these problems and could benefit from a Multi-Agent model for dynamic forensic investigations. Building upon previous solutions that lack the necessary levels of scalability and autonomy, we present a decentralised model for collecting and analysing network security data to attain higher levels of accuracy and efficiency. The main contributions of the paper are: (i) a Multi-Agent model for the dynamic organisation of agents participating in forensic investigations; (ii) an agent architecture endowed with mechanisms for collecting and analysing network data; (iii) a protocol for allowing agents to coordinate and make collective decisions on the maliciousness of suspicious activity; and (iv) a simulator tool to test the proposed decentralised model, agents and communication protocol under a wide range of circumstances and scenarios.
Original language: English
Title of host publication: INTELLIGENT COMPUTING THEORIES AND APPLICATION, ICIC 2016, PT I
Pages: 796-807
Number of pages: 12
Volume: 9771
Publication status: Published - 12 Jul 2016

Publication series

Name: Lecture Notes in Computer Science

Keywords

  • Forensic investigation
  • Multi-agent system
  • Simulator
  • Cyber security
