Multifacetted modelling and discrete event simulation
Multifacetted modelling and discrete event simulation
Object-oriented simulation with hierarchical, modular models: intelligent agents and endomorphic systems
Artificial intelligence (3rd ed.)
Artificial intelligence (3rd ed.)
A hierarchical, modular simulation environment for flexible manufacturing system modeling
A hierarchical, modular simulation environment for flexible manufacturing system modeling
A Methodology for Testing Intrusion Detection Systems
IEEE Transactions on Software Engineering
An analysis of security incidents on the Internet 1989-1995
An analysis of security incidents on the Internet 1989-1995
High-performance communication networks (2nd ed.)
High-performance communication networks (2nd ed.)
Intrusion detection
Intrusion Detection
Theory of Modelling and Simulation
Theory of Modelling and Simulation
Simulation Modeling and Analysis
Simulation Modeling and Analysis
Network Intrusion Detection: An Analyst's Handbook
Network Intrusion Detection: An Analyst's Handbook
Hacking Exposed; Network Security Secrets and Solutions
Hacking Exposed; Network Security Secrets and Solutions
Expert Systems: Principles and Programming
Expert Systems: Principles and Programming
How to Systematically Classify Computer Security Intrusions
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
TCP/IP Protocol Suite
A Review Of Artificial Intelligence In Simulation
ACM SIGART Bulletin
A knowledge-based simulation environment for hierarchical flexible manufacturing
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Cooperating security managers: a peer-based intrusion detection system
IEEE Network: The Magazine of Global Internetworking
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Vulnerability Assessment Simulation for Information Infrastructure Protection
InfraSec '02 Proceedings of the International Conference on Infrastructure Security
System specification based network modeling for survivability testing simulation
ICISC'02 Proceedings of the 5th international conference on Information security and cryptology
Vulnerability modeling and simulation for DNS intrusion tolerance system construction
AIS'04 Proceedings of the 13th international conference on AI, Simulation, and Planning in High Autonomy Systems
| Hi-index | 0.00 |
An intrusion detection system (IDS) attempts to identify unauthorized use, misuse, and abuse of computer and network systems. As intrusions become more sophisticated, dealing with them moves beyond the scope of one IDS. The need arises for systems to cooperate with one another, to manage diverse attacks across networks. The feature of recent attacks is that the packet delivery is moderately slow, and the attack sources and attack targets are distributed. These attacks are called "stealthy attacks." To detect these attacks, the deployment of distributed IDSs is needed. In such an environment, the ability of an IDS to share advanced information about these attacks is especially important. In this research, the IDS model exploits blacklist facts to detect the attacks that are based on either slow or highly distributed packets. To maintain the valid blacklist facts in the knowledge base of each IDS, the model should communicate with the other IDSs. When attack level goes beyond the interaction threshold, ID agents send interaction messages to ID agents in other hosts. Each agent model is developed as an interruptible atomic-expert model in which the expert system is embedded as a model component.