The increasing number of connected devices and the complexity of Internet of Things (IoT) ecosystems are demanding new architectures for managing and securing these networked environments. Intrusion Detection Systems (IDS) are security solutions that help to detect and mitigate the threats that IoT systems face, but there is a need for new IDS strategies and architectures. This paper describes a development environment that allows the programming and debugging of distributed, rule-based multi-agent IDS solutions. The proposed solution consists in the integration of a rule engine into the agent, the use of a specialized, wrapping agent class with a graphical user interface for programming and debugging purposes, and a mechanism for the incremental composition of behaviors. A comparative study and an example IDS are used to test and show the suitability and validity of the approach. The JADE multi-agent middleware has been used for the practical implementations.