Intelligent agents for intrusion detection

Author

Helmer, Guy G. ; Wong, Johnny S K ; Honavar, Vasant ; Miller, Les

Author_Institution

Iowa State Univ., Ames, IA, USA

fYear

1998

fDate

1-3 Sep 1998

Firstpage

121

Lastpage

124

Abstract

The paper focuses on intrusion detection and countermeasures with respect to widely-used operating systems and networks. The design and architecture of an intrusion detection system built from distributed agents is proposed to implement an intelligent system on which data mining can be performed to provide global, temporal views of an entire networked system. A starting point for agent intelligence in the system is the research into the use of machine learning over system call traces from the privileged sendmail program on UNIX. The authors use a rule learning algorithm to classify the system call traces for intrusion detection purposes and show the results

Keywords

Unix; computer network management; knowledge acquisition; learning (artificial intelligence); learning systems; security of data; software agents; UNIX; agent intelligence; data mining; distributed agents; global views; intelligent agents; intrusion countermeasures; intrusion detection; machine learning; network; operating systems; privileged sendmail program; rule learning algorithm; system call trace classification; temporal views; Artificial intelligence; Computer networks; Computerized monitoring; Data mining; Intelligent agent; Intelligent networks; Intelligent systems; Intrusion detection; Java; Learning systems;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Technology Conference, 1998. IEEE

Conference_Location

Syracuse, NY

Print_ISBN

0-7803-9914-5

Type

conf

DOI

10.1109/IT.1998.713396

Filename

713396