VMSoar: a cognitive agent for network security
28 March 2005
David P. Benjamin, Ranjita Shankar-Iyer, Archana Perumal
Abstract
VMSoar is a cognitive network security agent designed for both network configuration and long-term security management. It performs automatic vulnerability assessments by exploring a configuration’s weaknesses and also performs network intrusion detection. VMSoar is built on the Soar cognitive architecture and benefits from the general cognitive abilities of Soar, including learning from experience, the ability to solve a wide range of complex problems, and the use of natural language to interact with humans. The approach used by VMSoar is very different from that taken by other vulnerability assessment or intrusion detection systems. VMSoar performs vulnerability assessments by using VMware to create a virtual copy of the target machine and then attacking the simulated machine with a wide assortment of exploits. VMSoar uses this same ability to perform intrusion detection. When trying to understand a sequence of network packets, VMSoar uses VMware to make a virtual copy of the local portion of the network and then attempts to generate the observed packets on the simulated network by performing various exploits. This approach is initially slow, but VMSoar’s learning ability significantly speeds up both vulnerability assessment and intrusion detection. This paper describes the design and implementation of VMSoar, and initial experiments with Windows NT and XP.
© (2005) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
David P. Benjamin, Ranjita Shankar-Iyer, and Archana Perumal "VMSoar: a cognitive agent for network security", Proc. SPIE 5812, Data Mining, Intrusion Detection, Information Assurance, and Data Networks Security 2005, (28 March 2005); https://doi.org/10.1117/12.602015
CITATIONS
Cited by 4 scholarly publications.
KEYWORDS
Computer intrusion detection

Network security

Space operations

Windows NT

Artificial intelligence

Computer architecture

Legal
