Intrusion detection using autonomous agents
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Using internal sensors and embedded detectors for intrusion detection
Journal of Computer Security
Throttling Viruses: Restricting propagation to defeat malicious mobile code
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Microsoft Exchange Server 2003 Advanced Administration
Microsoft Exchange Server 2003 Advanced Administration
The use of mobile agents in tracing an intruder in a local area network
PRICAI'00 Proceedings of the 6th Pacific Rim international conference on Artificial intelligence
A Deployment Value Model for Intrusion Detection Sensors
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Hi-index | 0.00 |
An intrusion detection sensor is defined as a device that collects and analyses network traffic for the purpose of identifying suspicious events. Too often the value of a sensor is associated with its data collection and analysis features. Experience tells us such sensors fall under a range of different types and are diverse in their operational characteristics, some of which have been little studied. In this article, researchers from the Cranfield and York universities examine some of these characteristics, such as location and response, and also characterise the various costs associated with such sensors. A common definition for an intrusion detection sensor defines it as a ''device that collects and analyses network traffic for the purpose of identifying suspicious events''.^1 Too often the value of a sensor is associated with its data collection and analysis features. This is inevitable since so many of the intrusion detection systems (IDS) are designed with such characteristics in mind. Experience tells us such sensors fall under a range of different types with diverse operational characteristics, some of which have been little studied. There is a need to examine some of these characteristics to appreciate the value they add to sensor deployments particularly from a system perspective. Such characteristics are important if sensors are to be assessed collectively as opposed to the effectiveness of individual sensors.