Title :
An Inside Attacker Proof Intrusion Detection System
Author :
Shi, Wenbo ; Jang, Injoo ; Yoo, Hyeong Seon
Author_Institution :
Sch. of Comput. Sci. & Eng., Inha Univ., Incheon, South Korea
Abstract :
Recently, an intrusion detection system which named CONFIDANT was proposed, which utilized file integrity analyzers and mobile agent for intrusion detection and aimed to detection of malicious activity by insiders. But CONFIDANT has vulnerabilities in security aspect, the sensor agents in the lowest echelon are easily compromised by malicious platforms. Therefore, we integrate a security mechanism which named clone agent protocol into CONFIDANT. We improved the structure of CONFIDANT to protect those agents and strengthen its security, make sure them finish their computation and detect malicious hosts even though there are a few malicious platforms.
Keywords :
mobile agents; security of data; CONFIDANT; clone agent protocol; file integrity analyzers; inside attacker proof; intrusion detection system; malicious host detection; malicious platforms; mobile agent; sensor agents; Cloning; Computer science; Information analysis; Information security; Information technology; Intrusion detection; Mobile agents; Protection; Protocols; Software agents; Clone agent protocol; Intrusion detection system; Mobile agent security;
Conference_Titel :
Computer Sciences and Convergence Information Technology, 2009. ICCIT '09. Fourth International Conference on
Conference_Location :
Seoul
Print_ISBN :
978-1-4244-5244-6
Electronic_ISBN :
978-0-7695-3896-9
DOI :
10.1109/ICCIT.2009.158
