Abstract
Agent based intrusion detection systems (IDS) have advantages such as scalability, reconfigurability, and survivability. In this paper, we I ntroduce a mobile-agent based IDS, called ABIDE (Agent Based Intrusion Detection Environment). ABIDE is comprised of various types of agents, all of which are mobile, lightweight, and specialized. The most common form of agent is the DMA (Data Mining Agent), which randomly moves around the network and collects information. The DMA then relays the information it has gathered to a DFA (Data Fusion Agent) which assesses the likelihood of intrusion. As we show in this paper, there is a quantifiable relationship between the number of DMA and the probability of detecting an intrusion. We study this relationship and its implications.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35587-0_24
Chapter PDF
References
D. J. Ingram, H. S. Kremer, & N. C. Rowe: Distributed Intrusion Detection for Computer Systems Using Communicating Agents, The 2000 Command and Control Research and Technology Symposium (CCRTS), 2000.
E. H. Spafford & D. Zamboni: Intrusion Detection Using Autonomous Agents, Computer Networks, 34 (4): 547–570, October 2000.
M. Reed: Agent Based Intrusion Detection Environment Architecture, NRL Technical Report 5540/TM/117, 18 July, 2000.
M. Reed: ABIDE: Scalability, NRL Technical Report 5540/TM/118, 6 September, 2000.
A. Shamir: How to Share a Secret, Communications of the ACM, 22 (11): 612–613, November 1979.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Moskowitz, I.S., Kang, M.H., Chang, L., Longdon, G.E. (2002). Randomly Roving Agents for Intrusion Detection. In: Olivier, M.S., Spooner, D.L. (eds) Database and Application Security XV. IFIP — The International Federation for Information Processing, vol 87. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35587-0_10
Download citation
DOI: https://doi.org/10.1007/978-0-387-35587-0_10
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-1028-1
Online ISBN: 978-0-387-35587-0
eBook Packages: Springer Book Archive