A distributed approach for intrusion detection systems
暂无分享,去创建一个
This paper discuses a critical issue in computer security, intrusion detection. First we give an overview about the current stage of intrusion detection and existing intrusion detection system types. Then, we propose a new approach suitable to what future intrusion detection systems will have to provide in order to meet the requests presented by the computer security society. The approach named IDIAS (intrusion detection intelligent agent system) is meant to be a system capable of integrating several type of intelligent agents into the same environment providing a kind of defense if depth strategy into dealing with intrusions. The main goals of this approach, which distinguish it from other solutions, are its distributed architecture, scalability, efficiency and the use of intelligent agents.
[1] Todd L. Heberlein,et al. Network intrusion detection , 1994, IEEE Network.
[2] D. Curry,et al. Intrusion Detection Message Exchange Format Data Model and Extensible Markup Language (XML) Document Type Definition , 2004 .
[3] Stephen Northcutt,et al. Network Intrusion Detection: An Analyst's Hand-book , 1999 .
[4] Isij Monitor,et al. Network Intrusion Detection: An Analyst’s Handbook , 2000 .