A social agent-based approach to intrusion detection systems.
| Content Provider | CiteSeerX |
|---|---|
| Author | Richardson, Theodor; Trajkovski, Goran |
| Abstract | Network Intrusion Detection Systems (NIDS) are designed to differentiate malicious traffic from normal traffic on a network system to detect the presence of an attack. Traditionally, the approach around which these systems are designed is based upon an assumption made by Dorothy Denning in 1987 stating that malicious traffic should be statistically differentiable from normal traffic [1]; however, this statement was made regarding host systems and was not meant to be extended without adjustment to network systems. It is therefore necessary to change the granularity of this approach to find statistical anomalies per host as well as on the network as a whole. This approach lends itself well to the use of emergent monitoring agents per host that have a central aggregation point with a visualization of the network as a whole. This paper will discuss the structure, training, and deployment of such an agent-based intrusion detection system and analyze its viability in comparison to the more traditional anomaly-based approach to intrusion detection. |
| File Format | |
| Access Restriction | Open |
| Subject Keyword | Social Agent-based Approach; Intrusion Detection System; Normal Traffic; Malicious Traffic; Network System; Central Aggregation Point; Network Intrusion Detection System; Host System; Agent-based Intrusion Detection System; Emergent Monitoring Agent; Dorothy Denning; Traditional Anomaly-based Approach; Statistical Anomaly |
| Content Type | Text |
| Resource Type | Article |