Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 30379
Intelligent Agents for Distributed Intrusion Detection System

Authors: M. Benattou, K. Tamine

Abstract:

This paper presents a distributed intrusion detection system IDS, based on the concept of specialized distributed agents community representing agents with the same purpose for detecting distributed attacks. The semantic of intrusion events occurring in a predetermined network has been defined. The correlation rules referring the process which our proposed IDS combines the captured events that is distributed both spatially and temporally. And then the proposed IDS tries to extract significant and broad patterns for set of well-known attacks. The primary goal of our work is to provide intrusion detection and real-time prevention capability against insider attacks in distributed and fully automated environments.

Keywords: Mobile Agent, correlation, specialized agent, interpreter agent, event rules

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1083577

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1473

References:


[1] M. Eid, "A New Mobile Agent-Based Intrusion detection System Using distributed Sensors", In proceeding of FEASC, 2004.
[2] G. Hulmer, J. S.K. Wong, V. Honavar, L. Miller, Y. Wang, "Lightweight Agents for Intrusion Detection", Journal of Systems and Software 67 (03), pages 109-122, 2003.
[3] M. Benattou and K. Tamine, "Mobile Agents Community For Distributed Intrusion Detection System", accepted for publication in proceeding of International conference on Computing, Communication and Control Technologies, Austin, USA, July 2005.
[4] W. A. Jansen, "Intrusion detection with mobile agents", Computer communication (15): page: 1392-1401, 2002.
[5] C. Kruegel and T. Toth "Applying Mobile Agent Technology to Intrusion Detection", technical report, University of Vienna, TUV- 1841-2002-31, 2002.
[6] M. Benattou and Jean-Michel Bruel, "Active Objects for Coordination in Distributed Testing", Proceedings of the 8th Int. Conf. on Object- Oriented Information Systems OOIS'02, Lecture Notes in Computer Science, Vol 2425, pp 348-357, 2002.
[7] W. A. Jansen, "Determining Privileges of Mobile Agents", 17th Annual Computer Security Applications Conference, pages 149-160, 2001.
[8] J. Barrus and N. Rowe, "Distributed Autonomous-Agent Network- Intrusion detection and response System. In proceeding of Command and Control research and Technologies Symposium, 1998.
[9] S. Fenet and S. Hassas, "A Distributed Intrusion Response System Based on Mobile Autonomous Agents Using Social Insects Communication Paradigm". Published by Elsevier Science B. V., pages 21-29, 2001.
[10] S. Anasari, Rajeev S.G., and H.S. Chandrashekar, "Packet Sniffing: A brief Introduction", IEEE, January 2003.
[11] K. Boudaoud, N. Foukia, Z. Guessoum "An Intelligent Agent Approach for Security Management ", Proceeding of the 7th HP OpenView University Association Plenary Workshop, HPOVUA-2000, Santorini, Greece 12-14 June 2000.
[12] K. Singh, Son Vuong "Blaze: A Mobile Agent Paradigm for VOIP Intrusion Detection System", Proceeding of ICETE 2004, First International Conference on Business and Telecommunication Networks, Setubal, Portugal, August 2004.
[13] M. Roesch, "Snort: Lightweight Intrusion detection for networks", A white paper on the design features of snort 2.0, 2004. www.sourcefire.com/technology/whitepapers.html
[14] T. Wheeler, "Reducing Development Effort Using the Voyager ORB", Recursion Software, Inc, 2002.