Mobile Agent-Based Misuse Intrusion Detection Rule Propagation Model for Distributed System

  • Conference paper
EurAsia-ICT 2002: Information and Communication Technology (EurAsia-ICT 2002)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2510))

Abstract

This paper describes a rule propagation model for misuse detection methods using mobile agents. Approaches to detecting intrusions can be broadly classified into two categories: anomaly detection and misuse detection. Misuse detection is best suited for reliably detecting known use patterns. Misuse detection systems can detect many or all known attack patterns, but they are of little use against as-yet-unknown attack methods [1]. Therefore, the introduction of mobile agents, which provide computational security by constantly moving around the Internet and propagating rules, is presented as a solution to misuse detection. This work presents a method of using mobile agent mechanisms to add mobility features to the process of rule propagation. This approach offers significant advantages in terms of spreading rules rapidly, increasing scalability and providing fault tolerance.


References

  1. R. G. Bace. Intrusion Detection, Macmillan Technical Publishing, 2000.

  2. B. Mukherjee, T. L. Heberlein and K. N. Levitt. Network Intrusion Detection. IEEE Network, May/June 1994.

  3. R. Jagannathan, T. Lunt, D. Anderson, C. Dodd, F. Gilham, C. Jalali, H. Javitz, P. Neumann, A. Tamaru, and A. Valdes. System Design Document: Next-Generation Intrusion Detection Expert System (NIDES). Technical Report A007/A008/A009/A011/A012/A014, SRI International, March 1993.

  4. S. Kumar and E. Spafford. “A Pattern Matching Model for Misuse Intrusion Detection,” Proceedings of the Seventeenth National Computer Security Conference, Oct. 1994.

  5. Information Security 21c, the history and kinds of intrusion detection system, http://www.securityinformation.com, July 2001.

  6. U. Lindqvist and P. A. Porras. Detecting computer and network misuse through the Production-Based Expert System Toolset (PBEST). In Proceedings of the 1999 Symposium on Security and Privacy, Oakland, California, May 1999.

  7. H. S. Nwana. Software Agents: an Overview. Knowledge Engineering Review, 1996.

  8. M. Crosbie and G. H. Spafford. Defending a Computer System using Autonomous Agents. Technical Report No. 95-022, Dept. of Comp. Sciences, Purdue University, March 1996.

  9. M. Crosbie and E. H. Spafford. “Active Defense of a Computer System using Autonomous Agents”, Technical Report CSD-TR-95-008, Department of Computer Sciences, Purdue University, 1995.

  10. Balasubramaniyan, Jai, J. O. Garcia-Fernandez, E. H. Spafford, and D. Zamboni. An Architecture for Intrusion Detection using Autonomous Agents. Department of Computer Sciences, Purdue University; Coast TR 98-05; 1998.

  11. S. Stolfo, A. Prodromidis, S. Tselepsis, W. Lee, D. Fan and P. Chan. JAM: Java Agents for Metalearning over Distributed Databases. In Proc. Third Intl. Conf. Knowledge Discovery and Data Mining, 1997.

  12. G. G. Helmer, J. S. K. Wong, V. Honavar, and L. Miller. Intelligent agents for intrusion detection. In Proceedings, IEEE Information Technology Conference, pages 121–124, Syracuse, NY, September 1998.

  13. A. Porras and P. G. Neumann. EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances. In Proceedings of the National Information Systems Security Conference, Oct 1997.

  14. A. Porras and A. Valdes. “Live Traffic Analysis of TCP/IP Gateways,” in Networks and Distributed Systems Security Symposium, March 1998.

  15. B. Jai, J. O. Garcia-Fernandez, E. H. Spafford, and D. Zamboni. An Architecture for Intrusion Detection using Autonomous Agents. Department of Computer Sciences, Purdue University; Coast TR 98-05; 1998.

  16. K. Boudaoud, H. Labiod, R. Boutaba, Z. Guessoum. Network security management with intelligent agents. Network Operations and Management Symposium, 2000. NOMS 2000.

  17. L. Qi, L. Yu. “Mobile agent-based security model for distributed system”, Systems, Man, and Cybernetics, 2001 IEEE International Conference, 2001.

Copyright information

© 2002 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kim, TK., Lee, DY., Chung, T.M. (2002). Mobile Agent-Based Misuse Intrusion Detection Rule Propagation Model for Distributed System. In: Shafazand, H., Tjoa, A.M. (eds) EurAsia-ICT 2002: Information and Communication Technology. EurAsia-ICT 2002. Lecture Notes in Computer Science, vol 2510. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36087-5_97

  • DOI: https://doi.org/10.1007/3-540-36087-5_97

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00028-0

  • Online ISBN: 978-3-540-36087-2

  • eBook Packages: Springer Book Archive
