A Multi-Agent based Decision Mechanism for Incident Reaction in Telecommunication Network

The paper provides a global architectural and decision support solution for a reaction after alert detection mechanisms in the frame of information systems security applied to telecom infrastructures. Therefore, the architecture is developed in a distributed perspective and is composed of three basic layers: the low level that constitutes the interface between the architecture and the infrastructure. The intermediate level that is responsible of correlating the alerts coming from different domains of the infrastructure and to deploy the reaction actions. The architecture is elaborated using a MAS associated to the OntoBayes model for decision mechanism. This model helps agents to make decisions according to preference values and is built upon ontology based knowledge sharing, Bayesian networks based uncertainty management and influence diagram. The major novelty of this Decision Support System is the layered view of the infrastructure thanks to MAS architecture, which enables the decision making with different levels of knowledge.