Autonomous agents for distributed intrusion detection in a multi-host environment
Loading...
Authors
Ingram, Dennis J.
Subjects
Intrusion Detection
Artificial Intelligence
Autonomous Agents
Computer Security
Artificial Intelligence
Autonomous Agents
Computer Security
Advisors
Rowe, Neil
Date of Issue
1999-09
Date
Publisher
Monterey, California. Naval Postgraduate School
Language
en_US
Abstract
Because computer security in today's networks is one of the fastest expanding areas of the computer industry, protecting resources from intruders is an arduous task that must be automated to be efficient and responsive. Most intrusion-detection systems currently rely on some type of centralized processing to analyze the data necessary to detect an intruder in real time. A centralized approach can be vulnerable to attack. If an intruder can disable the central detection system, then most, if not all, protection is subverted. The research presented here demonstrates that independent detection agents can be run in a distributed fashion, each operating mostly independent of the others, yet cooperating and communicating to provide a truly distributed detection mechanism without a single point of failure. The agents can run along with user and system software without noticeable consumption of system resources, and without generating an overwhelming amount of network traffic during an attack
Type
Thesis
Description
Series/Report No
Department
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
xiv, 66 p.;28 cm.
Citation
Distribution Statement
Approved for public release; distribution is unlimited.