Agent IDS based on Misuse Approach
نویسندگان
چکیده
In this paper, we aim at presenting an implementation of a new agent IDS (Intrusion Detection System) model, based on misuse approach. Through its ease to detect simulated attacks, we show that the use of mobile agents has practical advantages for intrusion detection. Based on a set of simulated intrusions, we established a comparative experimental study of four IDSs, showing that most of current IDS are generally centralized and suffer from significant limitations when used in high speed networks, especially when they face distributed attacks. This leads us to use distributed model based on mobile agents paradigm. We believe that agent will help collecting efficient and useful information for IDS.
منابع مشابه
An Adaptive Hybrid Multi-level Intelligent Intrusion Detection System for Network Security
Intrusion Detection System (IDS) plays a vital factor in providing security to the networks through detecting malicious activities. Due to the extensive advancements in the computer networking, IDS has become an active area of research to determine various types of attacks in the networks. A large number of intrusion detection approaches are available in the literature using several traditional...
متن کاملAn Adaptive Hybrid Multi-level Intelligent Intrusion Detection System for Network Security P. Ananthi and P. Balasubramanie Kongu Engineering College, India
Intrusion Detection System (IDS) plays a vital factor in providing security to the networks through detecting malicious activities. Due to the extensive advancements in the computer networking, IDS has become an active area of research to determine various types of attacks in the networks. A large number of intrusion detection approaches are available in the literature using several traditional...
متن کاملIntrusion Detection System Based on Data Mining Techniques
Network security is one of the most important non-functional requirements in a system. Over the years, many software solutions have been developed to enhance network security. Intrusion Detection System (IDS) we have provided an overview of different types of intrusion Detection Systems, the advantages and disadvantages of the same. The need for IDS in a system environment and the generic block...
متن کاملA hybrid intrusion detection system design for computer network security
Intrusions detection systems (IDSs) are systems that try to detect attacks as they occur or after the attacks took place. IDSs collect network traffic information from some point on the network or computer system and then use this information to secure the network. Intrusion detection systems can be misuse-detection or anomaly detection based. Misuse-detection based IDSs can only detect known a...
متن کاملMeasuring IDS-estimated attack impacts for rational incident response: A decision theoretic approach
Intrusion detection system (IDS) plays a vital role in defending our cyberspace against attacks. Either misuse-based IDS or anomaly-based IDS, or their combinations, however, can only partially reflect the true system state due to excessive false alerts, low detection rate, and inaccurate incident diagnosis. An automated response component built upon IDS therefore must consider the stale and im...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- JSW
دوره 4 شماره
صفحات -
تاریخ انتشار 2009