Security has become the Achilles' heel of many organizations in today's computer-dominated society. In this paper, a configurable intrusion detection and response framework named the Mobile Agents based Distributed (MAD) security system is proposed for enterprise networks consisting of a large number of mobile and handheld devices. The key idea of MAD is to use autonomous mobile agents as lightweight entities to provide unified interfaces for intrusion detection, intrusion response, information fusion, and dynamic reconfiguration. These lightweight agents can be easily installed and managed on mobile and handheld devices. The MAD framework includes a family of autonomous agents, servers and software modules. An object-based intrusion modeling language (mLanguage) is proposed to allow easy data sharing and system control. A data fusion engine (mEngine) is used to provide fused results for traffic classification and intrusion identification. To ensure Quality-of-Service (QoS) requirements for end users, an adaptive resource allocation scheme is also presented. It is hoped that this project will advance the understanding of complex, interactive, and collaborative distributed systems.