Computer System Immunity using Mobile Agents

During the last ten years, the Internet has grown considerably. More interconnected people yield more information security problems. Indeed, the continuous increase in computer interconnectivity and interoperability in a fully open way enhances intruders' ability to attempt malicious behaviour against computers and networks, and furthermore allows them to make these attempts extremely efficient. Detecting an intruder in a network environment is hard for a human, and even if the circulating information is collected by computers, there is still too much of it to analyse in real time. The goal of Intrusion Detection Systems (IDSs) is to detect attacks against information systems. Notably, it is difficult to guarantee a completely and provably secure information system and to be sure of always maintaining it in a secure state during its use. This is why IDSs have to monitor the usage of such systems to detect possible insecure states. For this task, new approaches to and designs of IDSs are required which avoid, for example, centralised control and analysis of data to determine whether an intruder has entered the network. With this perspective, and in the scope of a Swiss National Project (ADAMA II-2000-054014.98), we are investigating the use of Mobile Agents (MAs) research to address Intrusion Detection (ID) in an Intranet by mapping immune system principles.