Title :
Agent-based Distributed Cooperative Intrusion Detection System
Author :
Zhao-wen, LIN ; Xing-Tian, REN ; Yan, Ma
Author_Institution :
BUPT Beijing Univ. of Posts & Telecommun., Beijing
Abstract :
Most intrusion detection systems nowadays are not really distributed systems and cannot detect distributed or cooperative attacks effectively. In this paper, an agent-based distributed cooperative model (ADCM) is proposed, which implements cooperative intrusion detection through efficient, normative exchange of event messages among logic detection domains (LDD). Some specific detection agents are also presented, which are independent of one another but can communicate and cooperate with one another to take actions. The ADCM improves the ability of error tolerance and cooperation without degradation of efficiency. A prototype of a distributed intrusion detection system based on ADCM and the extended intrusion detection message exchange format is completed, which proves to be as powerful as expected in detecting intrusions.
Keywords :
multi-agent systems; security of data; telecommunication security; agent-based distributed cooperative model; intrusion detection; logic detection domains; Autonomous agents; Computer science; Data analysis; Degradation; Educational institutions; Event detection; Intrusion detection; Logic; Protocols; Prototypes; Agent; Cooperative Model; Distributed Attack; Intrusion Detection;
Conference_Title :
Communications and Networking in China, 2007. CHINACOM '07. Second International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4244-1009-5
Electronic_ISBN :
978-1-4244-1009-5
DOI :
10.1109/CHINACOM.2007.4469318