Title :
A Distributed Autonomous Intrusion Detection Framework
Author_Institution :
Michigan Technol. Univ., Houghton, MI
Abstract :
In this paper, we present a highly-configurable distributed autonomous intrusion detection framework. It supports a hybrid, integrated and flexible intrusion detection model which consists of a family of intrusion detection agents. Agents can dynamically download and install appropriate modules, signatures and policy files from the central server based on operational requirements. A group key management system is used to provide secure and scalable group communication and group management in A2D2. Flexible intrusion response mechanisms are designed. A data fusion and event analysis engine (mEngine) and an object-based intrusion modeling language (mLanguage) are also designed. Both mEngine and mLanguage are domain-independent.
Keywords :
computer network management; object-oriented languages; security of data; sensor fusion; A2D2; data fusion; detection agents; distributed autonomous intrusion detection; event analysis engine; flexible intrusion response mechanisms; group communication; group key management system; group management; object-based intrusion modeling language; operational requirements; Autonomous agents; Communication system traffic control; Computer networks; Data security; Engines; File servers; Intrusion detection; Mobile computing; Network servers; Software maintenance; agent; distributed IDS; intrusion detection;
Conference_Titel :
Globecom Workshops, 2007 IEEE
Conference_Location :
Washington, DC
Print_ISBN :
978-1-4244-2024-7
DOI :
10.1109/GLOCOMW.2007.4437795
