Intrusion detection using autonomous agents
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
A new learning method for single layer neural networks based on a regularized cost function
IWANN'03 Proceedings of the Artificial and natural neural networks 7th international conference on Computational methods in neural modeling - Volume 1
Engineering Applications of Artificial Intelligence
Hi-index | 0.03 |
We describe the design of a misuse detection agent, one of the different agents in a multiagent-based intrusion detection system. This system is being implemented in JADE, a well-known multiagent platform based in Java. The agent analyzes the packets in the network connections using a packet sniffer and then creates a data model based on the information obtained. This data model is the input to a rule-based agent inference engine, which uses the Rete algorithm for pattern matching, and the rules of the signature-based intrusion detection system Snort. Specifically, an implementation in Java language --- the Drools-JBoss Rules--- was used, and a parser was implemented that converts Snort rules to Drools rules. The use of object-oriented techniques, together with design patterns, means that the agent is flexible, easily configurable and extensible.