Distributed Intrusion Detection for Computer Systems Using Communicating Agents

Abstract

Intrusion detection for computer systems is a key problem of the Internet, and the Windows NT operating system has a number of vulnerabilities. The work presented here demonstrates that independent detection agents under Windows NT can be run in a distributed fashion, each operating mostly independently of the others, yet cooperating and communicating to provide a truly distributed detection mechanism without a single point of failure. The agents can run alongside user and system software without noticeable consumption of system resources, and without generating an overwhelming amount of network traffic during an attack.

Document Details

Document Type: Technical Report
Publication Date: Jan 01, 2000
Accession Number: ADA458055

Entities

People

  • Dennis J. Ingram
  • H. S. Kremer
  • Neil C. Rowe

Organizations

  • Marine Corps Warfighting Laboratory

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes
  • Sensors

DTIC Thesaurus Topics

  • Computer Programming
  • Computer Science
  • Computers
  • Cybersecurity
  • Debugging
  • Denial Of Service Attack
  • Detection
  • Detectors
  • Information Security
  • Information Systems
  • Intrusion
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Network Protocols
  • Operating Systems
  • User Interface

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Neurotoxicology
  • Systems Analysis and Design