Distributed Intrusion Detection Using Mobile Agents
Keywords:
Intrusion Detection, Network Security, Distributed Networking, Mobile Agents
Abstract
DIDMA (Distributed Intrusion Detection using Mobile Agents) is a novel architecture in the field of IDS (Intrusion Detection Systems) that uses an agent-based approach to realize a distributed framework. The novelty of this architecture is the employment of mobile agents as its auditing components. This approach overcomes certain problems associated with traditional IDS designs. In particular, problematic areas such as high-speed networks, non-visible traffic, and fail-open architecture have been successfully managed. Moreover, the fault-tolerant, decentralized design of DIDMA clearly demonstrated resilience against active attacks.
License
Copyright (c) IJSRCSEIT
This work is licensed under a Creative Commons Attribution 4.0 International License.