Skip to main content
SpringerLink
Log in

A Useful System Prototype for Intrusion Detection – Architecture and Experiments

  • Conference paper
Discovery Science (DS 2004)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 3245))

Included in the following conference series:

  • 874 Accesses

Abstract

With the ever increasing sophistication of attacking techniques, intrusion detection has been a very active field of research. We are designing and implementing a prototype intrusion detection system (IADIDF) that is composed of distributed agents. This paper describes the function of entities, defines the communication and alert mechanism. There are three main agents include Detectors, Managers and Communicators. Each agent operates cooperatively yet independently of the others, providing for efficiency alerts and distribution of resources. Communication mechanism is composed of three layers, which are Transport, Hosts and MessageContent layers. All entities of the prototype are developed in C program under Linux platform. Then, we analyze system performance, advantages of the prototype, and come to a conclusion that the operating of agents will not impact system heavily.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Anderson, J.P.: Computer Security Threat Monitoring and Surveillance. James P. Anderson Co., Fort Washington (1980)

    Google Scholar 

  2. Balasubramaniyan, J.S., Garcia-Fernandez, J.O., Isacoff, D., Spafford, E., Zamboni, D.: An Architecture for Intrusion Detection Using Autonomous Agents. CERIAS Technical Report, Purdue University (1998)

    Google Scholar 

  3. Lee, W.: A Data Mining Framework for Constructing Features and Models for Intrusion Detection Systems. Computer science department, Columbia University (1999)

    Google Scholar 

  4. Huang, M.-Y., Jasper, R.J., Wicks, T.M.: A Large Scale Distributed Intrusion Detection Framework based on Attack Strategy Analysis. Computer Networks 31, 2465–2475 (1999)

    Article  Google Scholar 

  5. Du, Y., Wang, H., Pang, Y.: A Framework for Intrusion Detection. In: Proceedings of 3rd International Conference on Grid and Cooperative Computing, Wuhan, China (2004)

    Google Scholar 

  6. Verwoerd, T., Hunt, R.: Intrusion Detection Techniques and Approaches. Computer Communications 25, 1356–1365 (2002)

    Article  Google Scholar 

  7. Ptacek, T.H., Newsham, T.N.: Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection. Secure Networks Inc. (1998)

    Google Scholar 

  8. Müller, H.J.: Negotiation principles. In: O’Hare, J.N.R. (ed.) Foundation of Distributed Artificial Intelligence 6th Generation Computer Technology Series, pp. 211–229. John Wiley & Sons Inc., New York (1996)

    Google Scholar 

  9. Barrus, J., Rowe, N.C.: A Distributed Autonomous-Agent Network-Intrusion Detection and Response System, http://www.cs.nps.navy.mil/people/faculty/rowe/barr-uspap.html

  10. Labrou, Y., Finin, T.: A Proposal for A New KQML Specification. Technical TR CS-97-03, University of Maryland (1997)

    Google Scholar 

  11. Finin, T., Labrou, Y., Mayfield, J.: KQML As An Agent Communication Language. In: Bradshaw, J.M. (ed.) Software Agents, pp. 291–316. AAAI Press, Menlo Park (1997)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. College of Computer Science and Technology, Harbin Engineering University, 150001, Harbin, China

    Ye Du, Huiqiang Wang & Yonggang Pang

Authors
  1. Ye Du
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Huiqiang Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yonggang Pang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Informatics, Graduate School of Information Science and Electrical Engineering, Kyushu University, 744 Motooka, Nishi, 819-0395, Fukuoka, Japan

    Einoshin Suzuki

  2. Kyushu University, 6–10–1 Hakozaki Higashi-ku, 812–8581, Fukuoka, Japan

    Setsuo Arikawa

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Du, Y., Wang, H., Pang, Y. (2004). A Useful System Prototype for Intrusion Detection – Architecture and Experiments. In: Suzuki, E., Arikawa, S. (eds) Discovery Science. DS 2004. Lecture Notes in Computer Science(), vol 3245. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30214-8_35

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-30214-8_35

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-23357-2

  • Online ISBN: 978-3-540-30214-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation