Abstract
Intrusion detection systems are quickly becoming a standard requirement in building a network security infrastructure. Although many established techniques and commercial products exist, their effectiveness leaves room for improvement. We propose an intrusion detection system architecture which takes advantage of the mobile agent paradigm to implement a system capable of efficient and flexible distribution of analysis and monitoring tasks, as well as integration of existing detection techniques. Our architecture defines a high-level, application-specific scripting language to specify the interaction between monitoring agents and analysis agents.
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Deeter, K., Singh, K., Wilson, S., Filipozzi, L., Vuong, S. (2004). APHIDS: A Mobile Agent-Based Programmable Hybrid Intrusion Detection System. In: Karmouch, A., Korba, L., Madeira, E.R.M. (eds) Mobility Aware Technologies and Applications. MATA 2004. Lecture Notes in Computer Science, vol 3284. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30178-3_23
DOI: https://doi.org/10.1007/978-3-540-30178-3_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23423-4
Online ISBN: 978-3-540-30178-3
eBook Packages: Springer Book Archive