Using correlation engine and mobile agents for intrusion detection

IMAIDS project (Intelligent Mobile Agent for Intrusion Detection System) is carried out by five 5th year students, Réginald Lips, Nicolas Carlier, Damien Molot, Jean-Marie Peschoux and Alexandre Luciani, from Epitech (European Institute of Technology; http: // www. epitech. net/ ), within the framework of their end of studies project. The purpose of this document is to present a part of our research project which is using an expert system as correlation engine and mobile agents for intrusion detection. This paper has been co-written by Réginald Lips, project leader of IMAIDS, Nabil El-Kadhi, director of the LERIA, and Davide Del Vecchio, senior security consultant for Telecom Italia. First, we will remind the goal and the general context of IMAIDS project, its objectives and the research topics aborded. Moreover, we will describe more in details the implementation and the theoretical basics of the expert system used to make a functionnal correlation engine applied to a mobile agent platform for intrusion detection.