An architecture for intrusion detection using autonomous agents

Author

Balasubramaniyan, Jai Sundar ; Garcia-Fernandez, Jose Omar ; Isacoff, David ; Spafford, Eugene ; Zamboni, Diego

Author_Institution

COAST Lab., Purdue Univ., West Lafayette, IN, USA

fYear

1998

fDate

7-11 Dec 1998

Firstpage

13

Lastpage

24

Abstract

The intrusion detection system architectures commonly used in commercial and research systems have a number of problems that limit their configurability, scalability or efficiency. The most common shortcoming in the existing architectures is that they are built around a single monolithic entity that does most of the data collection and processing. In this paper, we review our architecture for a distributed intrusion detection system based on multiple independent entities working collectively. We call these entities autonomous agents. This approach solves some of the problems previously mentioned. We present the motivation and description of the approach, partial results obtained from an early prototype, a discussion of design and implementation issues, and directions for future work

Keywords

multi-agent systems; security of data; software agents; autonomous agents; data collection; data processing; distributed intrusion detection system; intrusion detection system architectures; multiple independent entities; Authorization; Autonomous agents; Contracts; Ear; Event detection; Intrusion detection; Laboratories; MONOS devices; Prototypes; Read only memory;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Security Applications Conference, 1998. Proceedings. 14th Annual

Conference_Location

Phoenix, AZ

ISSN

1063-9527

Print_ISBN

0-8186-8789-4

Type

conf

DOI

10.1109/CSAC.1998.738563

Filename

738563