The Center for Education and Research in Information Assurance and Security (CERIAS)

An Architecture for Intrusion Detection using Autonomous Agents

Author

J. Balasubramaniyan, J. Garcia-Fernandez, D. Isacoff, E. Spafford, D. Zamboni

Tech report number

COAST TR 98-05

Entry type

techreport

Abstract

The Intrusion Detection System architectures commonly used in commercial and research systems have a number of problems that limit their configurability, scalability or efficiency. The most common shortcoming in the existing architectures is that they are built around a single monolithic entity that does most of the data collection and processing. In this paper, we review our architecture for a distributed Intrusion Detection System based on multiple independent entities working collectively. We call these entities Autonomous Agents. This approach solves some of the problems previously mentioned. We present the motivation and description of the approach, partial results obtained from an early prototype, a discussion of design and implementation issues, and directions for future work.

Date

1998 – June

Institution

COAST Laboratory

Key alpha

balasubramaniyan

Number

COAST TR 98-05

Affiliation

Purdue University

Publication Date

2001-01-01

Language

English

Location

A hard copy of this is in the CERIAS Library
