Design and implementation of independent agents-based distributed intrusion detection system

Author

Du, Ye ; Wang, Huiqiang ; Pang, Yonggang

Author_Institution

Coll. of Comput. Sci. & Technol., Harbin Eng. Univ., China

Volume

5

fYear

2004

Firstpage

4343

Abstract

The common problems of current intrusion detection systems (IDSs) were analyzed. On the basis of these, a distributed IDS framework model based on independent agents was proposed. This paper described the function of entities, defined the communication and alert mechanisms, and designed some detection agents. The proposed model is an open system with good scalability. There are no control analyzers in it, which avoids the problem of a single point failure. Agents are independent, while they can communicate and cooperate with one another to take actions. The experiment results show that it costs low system resources and network bandwidth. Although the prototype is realized on Linux platform, it is easy to migrate into other platforms for independence of system environment.

Keywords

multi-agent systems; open systems; operating systems (computers); security of data; Linux platform; agent interaction; alert mechanisms; communication mechanisms; detection agents; distributed intrusion detection system; independent agents; network bandwidth; open system; scalability; single point failure; system resources; Computer science; Costs; Educational institutions; Failure analysis; Intrusion detection; Open systems; Prototypes; Scalability;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligent Control and Automation, 2004. WCICA 2004. Fifth World Congress on

Print_ISBN

0-7803-8273-0

Type

conf

DOI

10.1109/WCICA.2004.1342333

Filename

1342333