All Title Author
Keywords Abstract

Agent-based Intrusion Detection For Network-based Application

Keywords: Agent-based , IDMEF , intrusion detection , KQML

Full-Text   Cite this paper   Add to My Lib


Now days, different kinds of IDS systems are available for serving in the network distributed system, but these systems mainly concentrate on network-based and host-based detection. It is inconvenient to integrate these systems into distributed application servers for application-based intrusion detection. An agent-based IDS that can be smoothly integrated into the applications of enterprise information systems is proposed in this paper and we discuss the system architecture, agent structure, and integration mechanism. Our IDS system consists of three kinds of agents, namely, client agent, server agent and communication agent. This paper also explains how to integrate agents with an access control model for getting better security performance. By introducing standard protocols such as KQML, IDMEF into the design of agent, our agent-based IDS shows how to build more flexible software applications.


comments powered by Disqus