Papers by Montaceur Zaghdoud
International Journal on Cloud Computing: Services and Architecture, 2014
With the spread of services related to cloud environment, it is tiresome and time consuming for u... more With the spread of services related to cloud environment, it is tiresome and time consuming for users to look for the appropriate service that meet with their needs. Therefore, finding a valid and reliable service is essential. However, in case a single cloud service cannot fulfil every user requirements, a composition of cloud services is needed. In addition, the need to treat uncertainty in cloud service discovery and composition induces a lot of concerns in order to minimize the risk. Risk includes some sort of either loss or damage which is possible to be received by a target (i.e., the environment, cloud providers or customers). In this paper, we will focus on the uncertainty application for cloud service discovery and composition. A set of existing approaches in literature are reviewed and categorized according to the risk modeling.
Many real world systems and applications require a management tool that provides support for deal... more Many real world systems and applications require a management tool that provides support for dealing with imperfect data. The aim of this paper is to handle the imperfection of spatiotemporal data from the conceptual modeling to the database conception. We propose to add new pictograms in PERCEPTORY in order to build imperfect spatiotemporal class diagrams such as those made using Fuzzy UML. Using those models, we organize the database as a three layer organization: data layer, metadata layer, multivalued layer. ...
The goal of a network-based intrusion detection system (IDS) is to identify malicious behavior th... more The goal of a network-based intrusion detection system (IDS) is to identify malicious behavior that targets a network and its resources. Intrusion detection parameters are numerous and in many cases they present uncertain and imprecise causal relationships which can affect attack types. A bayesian network (BN) is known as graphical modeling tool used to model decision problems containing uncertainty. In this paper, a BN is used to build automatic intrusion detection system based on signature recognition. A major difficulty of this system is that the uncertainty on parameters can have two origins. The first source of uncertainty comes from the uncertain character of information due to a natural variability resulting from stochastic phenomena. The second source of uncertainty is related to the imprecise and incomplete character of information due to a lack of knowledge. The goal of this work is to propose a method to propagate both the stochastic and the epistemic uncertainties, coming respectively from the uncertain and imprecise character of information, through the bayesian model, in an intrusion detection context.
Interactive Technology and Smart Education, 2009
Purpose -The purpose of this paper is to make a scientific contribution to web information retrie... more Purpose -The purpose of this paper is to make a scientific contribution to web information retrieval (IR). Design/methodology/approach -A multiagent system for web IR is proposed based on new technologies: Hierarchical Small-Worlds (HSW) and Possibilistic Networks (PN). This system is based on a possibilistic qualitative approach which extends the quantitative one. Findings -The paper finds that the relevance of the order of documents changes while passing from a profile to another. Even if the selected terms tend to select the relevant document, these terms are not the most frequent of the document. This criterion shows the asset of the qualitative approach of the SARIPOD system in the selection of relevant documents. The insertion of the factors of preference between query terms in the calculations of the possibility and the necessity consists in increasing the scores of possibilistic relevance of the documents containing these terms with an aim of penalizing the scores of relevance of the documents not containing them. The penalization and the increase in the scores are proportional to the capacity of the terms to discriminate between the documents of the collection. Research limitations/implications -It is planned to extend the tests of the SARIPOD system to other grammatical categories, like refining the approach for the substantives by considering for example, the verbal occurrences in names definitions, etc. Also, it is planned to carry out finer measurements of the performances of SARIPOD system by extending the tests with other types of web documents. Practical implications -The system can be useful to help research students find their relevant scientific papers. It must be located in the document server of any research laboratory. Originality/value -The paper presents SARIPOD, a new qualitative possibilistic model for web IR using multiagent system.
The goal of a network-based intrusion detection system (IDS) is to identify malicious behavior th... more The goal of a network-based intrusion detection system (IDS) is to identify malicious behavior that targets a network and its resources. Intrusion detection parameters are numerous and in many cases they present uncertain and imprecise causal relationships which can affect attack types. A Bayesian Network (BN) is known as graphical modeling tool used to model decision problems containing uncertainty. In this paper, a BN is used to build automatic intrusion detection system based on signature recognition. The goal is to recognize signatures of known attacks, match the observed behavior with those known signatures, and signal intrusion when there is a match. A major difficulty of this system is that intrusions signatures change over the time and the system must be retrained. An IDS must be able to adapt to these changes. The goal of this paper is to provide a framework for an adaptive intrusion detection system that uses Bayesian network.
Computing Research Repository, 2009
This paper proposes an intrusion detection and prediction system based on uncertain and imprecise... more This paper proposes an intrusion detection and prediction system based on uncertain and imprecise inference networks and its implementation. Giving a historic of sessions, it is about proposing a method of supervised learning doubled of a classifier permitting to extract the necessary knowledge in order to identify the presence or not of an intrusion in a session and in the positive case to recognize its type and to predict the possible intrusions that will follow it. The proposed system takes into account the uncertainty and imprecision that can affect the statistical data of the historic. The systematic utilization of an unique probability distribution to represent this type of knowledge supposes a too rich subjective information and risk to be in part arbitrary. One of the first objectives of this work was therefore to permit the consistency between the manner of which we represent information and information which we really dispose.
Nowadays, completely protect a network from attacks is being a very hard task. Even heavily prote... more Nowadays, completely protect a network from attacks is being a very hard task. Even heavily protected networks are sometimes penetrated, and an Intrusion Detection System (IDS) seems to be essential and is a key component in computer and network security. Several researchers worked on comparison between Bayesian Network (BN) and Possibilistic network (PN). But, in this paper we are interested by comparison between BN and PN network in Intrusion Detection. Comparison criteria covered detection rate and false alarms rate. Experimentation process used DARPA'99 experimentation data. Comparison results show a superiority of PN versus BN when detecting intrusion.
SARIPOD: A Multiagent Possibilistic System For Web Information Retrieval
Vers une Architecture Multi-agent à Base des Réseaux Petits Mondes Hiérarchiques et des Réseaux Possibilistes pour les Environnements Riches en Informations
Résumé: La problématique majeure de la Recherche d'Information (RI) consiste à extra... more Résumé: La problématique majeure de la Recherche d'Information (RI) consiste à extraire à partir d'une collection de documents, ceux qui répondent à un besoin utilisateur en se basant souvent sur des informations pauvres. Les différents modèles connus de la RI ( ...
Networks. System architecture is composed by two interconnected layers of intelligent agents. The... more Networks. System architecture is composed by two interconnected layers of intelligent agents. The first layer is concerned by intrusion detection. On each host of a distributed computers system, an intelligent agent using bayesian network is charged by detecting intrusion eventuality.
Heterogeneous Uncertain Information Fusion Using an Adaptive Multiagent System
An intrusion response system is charged with minimizing any losses caused by intrusion. It remain... more An intrusion response system is charged with minimizing any losses caused by intrusion. It remains ineffective if the response to the intrusion does not bring the timely and adequate corrections required by the victim system. This paper proposes a new intrusion response system based on contextual fuzzy cognitive map. In this intrusion response system framework, a new ontology is defined based upon conceptual graphs in order to describe relationships between different intrusion concepts and recognize suspect connection as an intrusion which belongs to known intrusion class (DOS, PROBING, U2R or R2U). Fuzzy cognitive maps are used to assess the negative impact of an intrusion on the victim system. Specifying appropriate remedies for all damages which are caused by intrusion is considered as main task of intrusion response system. There are two kinds of remedies: direct or indirect remedies, the former is accomplished by acting directly on the victim system but the later is considered as remotely acting on damaged system. The proposed intrusion response system is multilayer system. The first layer is charged with the identification of the intrusion suspect intrusion using conceptual graphs to build a new ontology. The second layer assesses the effect of intrusion on the victim system using a fuzzy cognitive map. The third layer recommends a response in two ways: automatically by acting through a mobile agent, or manually by alerting the appropriate security administrator.
Uploads
Papers by Montaceur Zaghdoud