Intelligent Agents for Intrusion Detection
Author
Guy G. Helmer, Johnny S. K. Wong, Vasant Honavar, Les Miller
Abstract
This paper focuses on intrusion detection and countermeasures with respect to widely-used operating systems and networks. The design and architecture of an intrusion detection system built from distributed agents is proposed to implement an intelligent system on which data mining can be performed to provide global, temporal views, of an entire networked system.
A starting point for agent intelligence in our system is the research into the use of machine learning over system call traces from the privileged sendmail program on UNIX. We use a rule learning algorithm to classify the system call traces for intrusion detection purposes and show the results.
Publisher
Iowa State University
Affiliation
Iowa State University
Publication Date
2001-01-01
Keywords
intrusion detection, Distributed Intrusion Detection System, sendmail