AGENT-BASED INTRUSION DETECTION SYSTEM FOR INTEGRATION
Jianping Zeng, Donghui Guo
2005
Abstract
More and more application services are provided and distributed over the Internet for public access. However, the security of distributed application severs is becoming a serious problem due to many possible attacks, such as deny of service, illegal intrusion, etc. Because of weakness of the firewall systems in ensuring security, intrusion detection system (IDS) becomes popular. Now, many kinds of IDS systems are available for serving in the Internet distributed system, but these systems mainly concentrate on network-based and host-based detection. It is inconvenience to integrate these systems to distributed application servers for application-based intrusion detection. An agent-based IDS that can be smoothly integrated into applications of enterprise information systems is proposed in this paper. We will introduce its system architecture, agent structure, integration mechanism, and etc. In such an IDS system, there are three kinds of agents, i.e. client agent, server agent and communication agent. This paper is also to explain how to integrate agents with access control model for getting better security performance. By introducing standard protocol such as KQML, IDMEF into the design of agent, our agent-based IDS shows much more flexible for built in different kinds of software application system.
References
- Loshin, P., 2001. Intrusion detection. Computer World. http://www.computerworld.com/hardwaretopics/hard ware/story/0,10801,59611,00.html.
- Roy A. Maxion, and Tahlia N. Townsend, 2004. Masquerade Detection Augmented With Error Analysis. IEEE TRANSACTIONS ON RELIABILITY, VOL. 53, NO. 1, MARCH 2004
- B. Mukherjee, T. L. Heberlein, and K. N. Levitt. 1994. Network intrusion detection. IEEE Network, 8(3):26- 41, May/June 1994.
- Coull, S.; Branch, J.; Szymanski, B.; Breimer, E.; 2003. Intrusion detection: a bioinformatics approach. Proceedings on Computer Security Applications Conference, 19th Annual, 2003,Pages:24 - 33
- M. Schonlau, W. DuMouchel, W.-H. Ju, A. F. Karr, M. Theus, and Y. Vardi, 2001. “Computer intrusion: Detecting masquerades,” Statistical Science, vol. 16, no. 1, pp. 58-74, Feb. 2001.
- J. M. Bradshaw.1997. An introduction to software agents. In J. M. Bradshaw, editor, Software Agents, chapter 1. AAAI Press/The MIT Press, 1997.
- Balasubramaniyan, J.S.; Garcia-Fernandez, J.O.; Isacoff, D.; Spafford, E.; Zamboni, D.; 1998. An architecture for intrusion detection using autonomous agents. Proceedings on Computer Security Applications Conference, 14th Annual , 7-11 Dec. 1998 Pages:13 - 24
- Hegazy, I.M.; Al-Arif, T.; Fayed, Z.T.; Faheem, H.M.; 2003. A multi-agent based system for intrusion detection. Potentials, IEEE , Volume: 22 , Issue: 4 , Oct.-Nov. 2003 Pages:28 - 31
- Pikoulas, J.; Buchanan, W.; Mannion, M.; Triantafyllopoulos, K.; 2002. An intelligent agent security intrusion system. Proceedings on IEEE International Conference and Workshop on the Engineering of Computer-Based Systems, Ninth Annual, 8-11 April 2002 Pages:94 - 99
- Liu Yong; Xu Congfu; Chen Weidong; Pan Yunhe; KQML realization algorithms for agent communication. Fifth World Congress on Intelligent Control and Automation, 2004. WCICA 2004.Volume: 3 , June 15-19, 2004 Pages:2376 - 2379
- D. Curry, H. Debar, M. Huang. 2000. IDMEF Data Model and XML DTD http://www.oasisopen.org/cover/IDMEF-provisional-draft-ietf-idwgidmef-xml-02.html , DEC 5,2000
- Millett, L.I.; Holden, S.H.; 2003. Authentication and its privacy effects. Internet Computing, IEEE , Volume: 7 , Issue: 6 , Nov.-Dec. 2003 Pages:54 - 58
Paper Citation
in Harvard Style
Zeng J. and Guo D. (2005). AGENT-BASED INTRUSION DETECTION SYSTEM FOR INTEGRATION . In Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 2: ICEIS, ISBN 972-8865-19-8, pages 176-181. DOI: 10.5220/0002516401760181
in Bibtex Style
@conference{iceis05,
author={Jianping Zeng and Donghui Guo},
title={AGENT-BASED INTRUSION DETECTION SYSTEM FOR INTEGRATION},
booktitle={Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 2: ICEIS,},
year={2005},
pages={176-181},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002516401760181},
isbn={972-8865-19-8},
}
in EndNote Style
TY - CONF
JO - Proceedings of the Seventh International Conference on Enterprise Information Systems - Volume 2: ICEIS,
TI - AGENT-BASED INTRUSION DETECTION SYSTEM FOR INTEGRATION
SN - 972-8865-19-8
AU - Zeng J.
AU - Guo D.
PY - 2005
SP - 176
EP - 181
DO - 10.5220/0002516401760181