MAITS

Abstract

In this chapter, we propose a multi-agent-based information technology (IT) security approach (MAITS) as a holistic solution to the increasing needs of securing computer systems. Each specialist task for security requirements is modeled as a specialist agent. MAITS has five groups of working agents—administration assistant agents, authentication and authorization agents, system log *monitoring agents, intrusion detection agents, and pre-mortem-based computer forensics agents. An assessment center, which is comprised of yet another special group of agents, plays a key role in coordinating the interaction of the other agents. Each agent has an agent engine of an appropriate machine-learning algorithm. The engine enables the agent with learning, reasoning, and decision-making abilities. Each agent also has an agent interface, through which the agent interacts with other agents and also the environment.