An introduction to software agents
Software agents
Security in Computing
Anomaly Detection over Noisy Data using Learned Probability Distributions
ICML '00 Proceedings of the Seventeenth International Conference on Machine Learning
An Architecture for Intrusion Detection Using Autonomous Agents
ACSAC '98 Proceedings of the 14th Annual Computer Security Applications Conference
Mining Alarm Clusters to Improve Alarm Handling Efficiency
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
Coordinated internet attacks: responding to attack complexity
Journal of Computer Security
KES'05 Proceedings of the 9th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part I
A novel approach to programming: agent based software engineering
KES'06 Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part III
| Hi-index | 0.00 |
Three reasons, in our opinion, are responsible for the high false alarm rate of current intrusion detection practice. They are: (i) only single information source is analysed by an intrusion detection system, (ii) only a single method is used for the analysis, and (iii) there is no distinction of vulnerability, threat, attack, and intrusion. This paper first studies the dynamics of attackers and defenders and then lists all possible information sources. A multiple agents based integrated intrusion detection system (IIDS) is then proposed. The status of our current work is also discussed.