Intrusion detection using autonomous agents
Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on recent advances in intrusion detection systems
Evaluating the Impact of Automated Intrusion Response Mechanisms
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
A P2P intrusion detection system based on mobile agents
ACM-SE 42 Proceedings of the 42nd annual Southeast regional conference
Cooperating security managers: a peer-based intrusion detection system
IEEE Network: The Magazine of Global Internetworking
MA-DIDS: A Multi-Agent Based Distributed Intrusion Detection System
Proceedings of the 2005 conference on Self-Organization and Autonomic Informatics (I)
An immunological approach for file recovery over JXTA peer-to-peer framework
International Journal of Network Management
A multi-agent cooperative model and system for integrated security monitoring
CANS'06 Proceedings of the 5th international conference on Cryptology and Network Security
Hi-index | 0.00 |
This paper deals with a new approach to build a completely distributed and decentralized Intrusion Detection and Response System (IDRS) in computer networks. This approach is called Intrusion Detection and Response executed with Agent Mobility or IDReAM for short. Conceptually, IDReAM combines Mobile Agents (MAs) with self-organizing paradigms inspired by natural life systems. The Intrusion Detection System (IDS) borrows mechanisms from the immune system that protect the human body against external aggressions. The Intrusion Response System (IRS) borrows mechanisms from the stigmergic paradigm of a colony of ants. The two natural systems exhibit a social life by the organization of their entities (immune cells and ants) which is not possible without the functionality of mobility. Thus, in a natural way, MAs are good candidates to provide this property of mobility. After having presented IDReAM's conceptual model in a previous paper, the present paper concretely describes IDReAM's architecture and the corresponding implementation based on the conceptual model. The implementation is carried out with J-Seal2, a pure Java MA platform. This paper also provides IDReAM's assessment in term of resource consumption and intrusion detection and intrusion response efficiency.