6 research outputs found
Multiagent Systems for Network Intrusion Detection: A Review
More and more, Intrusion Detection Systems (IDSs) are seen as an important component in comprehensive security solutions. Thus, IDSs are common elements in modern infrastructures to enforce network policies. So far, plenty of techniques have been applied for the detection of intrusions, which has been reported in many surveys. This work focuses on the development of network-based IDSs from an architectural point of view, in which multiagent systems are applied for the development of IDSs, presenting an up-to-date revision of the state of the art.
Aphids++: evolution of a programmable hybrid intrusion detection system
With the rapid growth of the Internet and the ever-increasing security problems
associated with its popularity, the need for protection against unwanted
intruders has become essential. Antivirus software, intrusion detection systems,
spyware and malware detectors are some of the protection mechanisms
available to users today. The diversity of these manifold systems suggests the
need for a unifying managerial system, such as APHIDS (A Programmable
Hybrid Intrusion Detection System), a mobile agent based IDS, which can
correlate and coalesce preexisting security components. In this thesis we
provide a description of improvements made to the initial APHIDS design,
comprising the addition of an optional intelligent agent meant to improve
the response of APHIDS in detecting VoIP (Voice over IP) and generic
intrusions; and an XML implementation of our Agent Deployment and Correlation
Script (ADCS), which is used to initialize the agent environment,
allowing for flexible user modifications to control the deployment and invocation
of mobile agents.
Science, Faculty of; Computer Science, Department of; Graduat