Snort 2.1 Intrusion Detection, Second Edition
Snort 2.1 Intrusion Detection, Second Edition
Web Database Applications with PHP & MySQL, 2nd Edition
Web Database Applications with PHP & MySQL, 2nd Edition
The Tao Of Network Security Monitoring: Beyond Intrusion Detection
The Tao Of Network Security Monitoring: Beyond Intrusion Detection
Data base support for intrusion detection with honeynets
TELE-INFO'07 Proceedings of the 6th WSEAS Int. Conference on Telecommunications and Informatics
Data mining support for intrusion detection and prevention
ACS'06 Proceedings of the 6th WSEAS international conference on Applied computer science
| Hi-index | 0.00 |
The purpose of this paper is to discuss implementation of prototype multi-sensor agent-based intrusion detection system. We assume that it is possible to obtain data in tcpdump format. Using this standard allows a consistent presentation and interpretation of network traffic. We are especially interested in analyzing traffic that has an abnormal or malicious character and should prompt a closer look. In this paper we propose a framework for a multi-sensor agent-based intrusion detection system to support such analyses and response. A specific feature of the model is that the agents use multiple sensors to generate log files. We have developed a prototype based on this framework. This paper discusses also the issues of combining intelligent agent technology with intrusion detection methodology.