Intrusion detection
Network Intrusion Detection: An Analyst's Handbook
Network Intrusion Detection: An Analyst's Handbook
Theory of Modeling and Simulation
Theory of Modeling and Simulation
Detection of Database Intrusion Using a Two-Stage Fuzzy System
ISC '09 Proceedings of the 12th International Conference on Information Security
Hi-index | 0.00 |
Application of agent technology in Intrusion Detection Systems (IDSs) has been developed. Intrusion Detection (ID) agent technology can bring IDS flexibility and enhanced distributed detection capability. However, the security of the ID agent and methods of collaboration among ID agents are important problems noted by many researchers. In this paper, coordination among the intrusion detection agents by BlackBoard Architecture (BBA), which transcends into the field of distributed artificial intelligence, is introduced. A system using BBA for information sharing can easily be expanded by adding new agents and increasing the number of BlackBoard (BB) levels. Moreover the subdivided BB levels enhance the sensitivity of ID. This paper applies fuzzy logic to reduce the false positives that represent one of the core problems of IDS. ID is a complicated decision-making process, generally involving enormous factors regarding the monitored system. A fuzzy logic evaluation component, which represents a decision agent model of in distributed IDSs, considers various factors based on fuzzy logic when an intrusion behavior is analyzed. The performance obtained from the coordination of an ID agent with fuzzy logic is compared with the corresponding non-fuzzy type ID agent.