Agent-Based Distributed Intrusion Alert System
Author: | Sandip Sen, Arjita Ghosh |
---|---|
Year of publication: | 2004 |
Subject: | |
Source: | Distributed Computing-IWDC 2004 ISBN: 9783540240761 IWDC |
DOI: | 10.1007/978-3-540-30536-1_28 |
Description: | Intrusion detection for computer systems is a key problem in today’s networked society. Current distributed intrusion detection systems (IDSs) are not fully distributed as most of them centrally analyze data collected from distributed nodes resulting in a single point of failure. Increasingly, researchers are focusing on distributed IDSs to circumvent the problems of centralized approaches. A major concern of fully distributed IDSs is the high false positive rates of intrusion alarms which undermine the usability of such systems. We believe that effective distributed IDSs can be designed based on principles of coordinated multiagent systems. We propose an Agent-Based Distributed Intrusion Alert System (ABDIAS) which is fully distributed and provides two capabilities in addition to other functionalities of an IDS: (a) early warning when pre-attack activities are detected, (b) detecting and isolating compromised nodes by trust mechanisms and voting-based peer-level protocols. |
Database: | OpenAIRE |