Agent-Based Distributed Intrusion Alert System

Intrusion detection for computer systems is a key problem in today’s networked society. Current distributed intrusion detection systems (IDSs) are not fully distributed, as most of them centrally analyze data collected from distributed nodes, resulting in a single point of failure. Increasingly, researchers are focusing on distributed IDSs to circumvent the problems of centralized approaches. A major concern of fully distributed IDSs is the high false positive rates of intrusion alarms, which undermine the usability of such systems. We believe that effective distributed IDSs can be designed based on principles of coordinated multiagent systems. We propose an Agent-Based Distributed Intrusion Alert System (ABDIAS) which is fully distributed and provides two capabilities in addition to other functionalities of an IDS: (a) early warning when pre-attack activities are detected, and (b) detecting and isolating compromised nodes by trust mechanisms and voting-based peer-level protocols.
Arjita Ghosh, Sandip Sen
Added 02 Jul 2010
Updated 02 Jul 2010
Type Conference
Year 2004
Where IWDC