Practical guide for implementing secure intranets and extranets
Practical guide for implementing secure intranets and extranets
Building secure software: how to avoid security problems the right way
Building secure software: how to avoid security problems the right way
An Intelligent Agent Security Intrusion System
ECBS '02 Proceedings of the 9th IEEE International Conference on Engineering of Computer-Based Systems
Practical Network Applications on a Lightweight Active Management Environment
IWAN '01 Proceedings of the IFIP-TC6 Third International Working Conference on Active Networks
Commercially viable active networking
ACM SIGOPS Operating Systems Review
Seraphim: An Active Security Architecture for Active Networks
Seraphim: An Active Security Architecture for Active Networks
A multi-agent cooperative model and system for integrated security monitoring
CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
Research in intrusion detection system based on mobile agent
ICICA'11 Proceedings of the Second international conference on Information Computing and Applications
Hi-index | 0.01 |
This paper presents a multi-agent model for implementing active security concepts. In this model, a group of agents can carry out their tasks cooperatively in order to achieve an ultimate security goal. Thus a low-level module of the proposed model reads the values of interesting data items of the relevant current network events and passes them to a relational database. Comparing these measurements against predefined values in an intruder signature database may point to a particular attack.The proposed model consists of two parts. (1) A multiagent Intrusion Detection System (MIDS) for detecting attacks. (2) An Active Security Mechanism (ASM) for taking active, network-wide, response against attackers. The proposed approach provides a customizable host environment built from various systems software components to allow an optimal match between the intrusion circumstances and the underlying security architecture. Thus, different frameworks can support alternative responses of existing security services. In addition, the ASM can take rapid response against attacks by making use of sensible sharing of attack intelligence. System agents communicate with each other on different hosts using an agent communication language through a message router.