An agent-based distributed framework for intrusion detection using mobile shared memory

  • Authors:
  • Mohammad Allahbakhsh;Hamid Reza Motahari Nezhad

  • Affiliations:
  • Computer Department, Faculty of Engineering, University of Zabol, Zabol, Iran;Computer Department, Faculty of Engineering, University of Zabol, Zabol, Iran

  • Venue:
  • AIC'06 Proceedings of the 6th WSEAS International Conference on Applied Informatics and Communications
  • Year:
  • 2006

Abstract

The increasing reliance of society, companies, ... on networked information systems has prompted interest in making these systems secure and dependable, so that they continue to perform their functions even in the presence of vulnerabilities susceptible to malicious attacks. To enable vulnerable systems to survive attacks, it is necessary to detect attacks and isolate the failures resulting from them before they damage the system. In this field of study the most important problems are:

  • Detecting in-progress attacks before they cause damage, instead of detecting attacks after they have succeeded,
  • Minimizing damage by isolating attacked components in real time, and
  • Tracing the origin of attacks.

We address the detection problem by real-time event monitoring and comparison against events known to be unacceptable. Our framework is composed of several parts, each of which has a defined duty and is implemented using a specific method and technology. Using this framework, you can specify your security policy independently of the algorithm that you will use for detecting each type of intrusion. The framework is lightweight, dependable, fault tolerant and simple to implement, and is based on the new technology of intelligent agents and a new type of shared memory called mobile shared memory. These attributes differentiate our framework from other work.