An architecture for intrusion detection using autonomous agents

The intrusion detection system architectures commonly used in commercial and research systems have a number of problems that limit their configurability, scalability or efficiency. The most common shortcoming in the existing architectures is that they are built around a single monolithic entity that...

Bibliographic details
Main authors: Balasubramaniyan, J.S., Garcia-Fernandez, J.O., Isacoff, D., Spafford, E., Zamboni, D.
Format: Conference Proceeding
Language: eng
container_end_page 24
container_issue
container_start_page 13
container_title
container_volume
creator Balasubramaniyan, J.S.
Garcia-Fernandez, J.O.
Isacoff, D.
Spafford, E.
Zamboni, D.
description The intrusion detection system architectures commonly used in commercial and research systems have a number of problems that limit their configurability, scalability or efficiency. The most common shortcoming in the existing architectures is that they are built around a single monolithic entity that does most of the data collection and processing. In this paper, we review our architecture for a distributed intrusion detection system based on multiple independent entities working collectively. We call these entities autonomous agents. This approach solves some of the problems previously mentioned. We present the motivation and description of the approach, partial results obtained from an early prototype, a discussion of design and implementation issues, and directions for future work.
doi_str_mv 10.1109/CSAC.1998.738563
format Conference Proceeding
fulltext fulltext_linktorsrc
identifier ISSN: 1063-9527
ispartof Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217), 1998, p.13-24
issn 1063-9527
2576-9103
language eng
recordid cdi_ieee_primary_738563
source IEEE Electronic Library (IEL) Conference Proceedings
subjects Authorization
Autonomous agents
Contracts
Ear
Event detection
Intrusion detection
Laboratories
MONOS devices
Prototypes
Read only memory
title An architecture for intrusion detection using autonomous agents
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-26T12%3A26%3A13IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_6IE&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=An%20architecture%20for%20intrusion%20detection%20using%20autonomous%20agents&rft.btitle=Proceedings%2014th%20Annual%20Computer%20Security%20Applications%20Conference%20(Cat.%20No.98EX217)&rft.au=Balasubramaniyan,%20J.S.&rft.date=1998&rft.spage=13&rft.epage=24&rft.pages=13-24&rft.issn=1063-9527&rft.eissn=2576-9103&rft.isbn=0818687894&rft.isbn_list=9780818687891&rft_id=info:doi/10.1109/CSAC.1998.738563&rft_dat=%3Cieee_6IE%3E738563%3C/ieee_6IE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=738563&rfr_iscdi=true