Distributed Intrusion Detection for Computer Systems Using Communicating Agents
Loading...
Authors
Ingram, Dennis J.
Kremer, H. Steven
Rowe, Neil C.
Subjects
Advisors
Date of Issue
2000-06
Date
June 2000
Publisher
Monterey, California. Naval Postgraduate School
Language
Abstract
Intrusion detection for computer systems is a key problem of the Internet, and the Windows NT operating system has
a number of vulnerabilities. The work presented here demonstrates that independent detection agents under
Windows NT can be run in a distributed fashion, each operating mostly independent of the others, yet cooperating
and communicating to provide a truly distributed detection mechanism without a single point of failure. The agents
can run along with user and system software without noticeable consumption of system resources, and without
generating an overwhelming amount of network traffic during an attack.
Type
Conference Paper
Description
This paper appeared in the Proceedings of the 2000 Command and Control Research and Technology Symposium
(CCRTS), Monterey, CA, June 11-13, 2000, and won the award for “Best Paper”.
Series/Report No
Department
Computer Science (CS)
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Proceedings of the 2000 Command and Control Research and Technology Symposium
(CCRTS), Monterey, CA, June 2000
Distribution Statement
Approved for public release; distribution is unlimited.