In this paper, we propose a behaviour-based intrusion detection and response system for internet worms. LAWS (Lambent Anti-Worm System) automatically detects the intruded services and the influenced range, and it can also analyse the key information of the intrusion. A worm can attack a large number of computers over a network in a very short period, in particular spreading damage through network services. Such worms always enter or attack computers through a backdoor or under-channel. There is no effective solution to prevent the damage caused by worms. Using the information from LAWS, we can stop a worm's distribution and intrusion in advance. In addition to detecting and preventing the distribution of well-known malicious worms, LAWS can also defend against future unknown or new malicious worms. Mobile agents help LAWS form a cooperated defence system (CDS) with other LAWS users over the internet. The contribution of our system is to decrease the response time to an attack and reduce the damaged range. At the same time, it also diminishes the damage and decreases the fixed cost.