Reports and Papers Archive
An Application of Pattern Matching in Intrusion Detection
A Software Architecture to Support Misuse Intrusion Detection
Generation of Application Level Audit Data via Library Interposition
Temporal Sequence Learning and Data Reduction for Anomaly Detection
Machine Learning Techniques for the Domain of Anomaly Detection for Computer Security
Detecting the Abnormal: Machine Learning in Computer Security
A Reference Model for Firewall Technology and its Implications for Connection Signaling
Data Quality in Security Outsourcing of Scientific Computations
A New Approach to the Specification of Computer Security Policies
An Architecture for Intrusion Detection using Autonomous Agents
The Intrusion Detection System architectures commonly used in commercial and research systems have a number of problems that limit their configurability, scalability or efficiency. The most common shortcoming in the existing architectures is that they are built around a single monolithic entity that does most of the data collection and processing. In this paper, we review our architecture for a distributed Intrusion Detection System based on multiple independent entities working collectively. We call these entities Autonomous Agents. This approach solves some of the problems previously mentioned. We present the motivation and description of the approach, partial results obtained from an early prototype, a discussion of design and implementation issues, and directions for future work.

