APA: an interior-oriented intrusion detection system based on multi-agents

  • Authors:
  • Dechang Pi; Qiang Wang; Weiqi Li; Jun Lv

  • Affiliations:
  • College of Information Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing, Jiangsu, PR China; College of Information Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing, Jiangsu, PR China; G.E International Software-System Co.Ltd, Nanjing, PR China; G.E International Software-System Co.Ltd, Nanjing, PR China

  • Venue:
  • ICCNMC'05 Proceedings of the Third international conference on Networking and Mobile Computing
  • Year:
  • 2005

Abstract

Because some employees in a department abuse their privileges for personal gain through the local network, in this paper we present a distributed intrusion detection system named APA (Application Process Audit), which tackles interior violations. APA provides a multi-agent system for setting up tailored intrusion detection systems for real-time applications. Data mining technologies are applied to the alerts file and audit logs to find interesting audit rules, and the rule base is automatically extended with these rules. The whole system has six kinds of agents, which cooperate with each other to carry out the monitoring. APA has now been applied in several security departments and has received a good reputation.