Defending a Computer System Using Autonomous Agents
Mark Crosbie and E. H. Spafford
Tech report number
This report presents a prototype architecture of a defense mechanism for computer systems. The intrusion detection problem is introduced and some of the key aspects of any solution are explained. Standard intrusion detection systems are built as a single monolithic module. A finer-grained approach is proposed, where small, independent agents monitor the system. These agents are taught how to recognise intrusive behaviour. The learning mechanism in the agents is built using Genetic Programming. This is explained, and some sample agents are described. The flex- ibility, scalability and resilience of the agent approach are discussed. Future issues are also outlined.
Department of Computer Sciences
A hard-copy of this is in the CERIAS Library
To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.