Randomly Roving Agents for Intrusion Detection

Abstract

Agent based intrusion detection systems (IDS) have advantages such as scalability, reconfigurability, and survivability. In this paper, we introduce a mobile-agent based IDS, called ABIDE (Agent Based Intrusion Detection Environment). ABIDE is comprised of various types of agents, all of which are mobile, lightweight, and specialized. The most common form of agent is the DMA (Data Mining Agent), which randomly moves around the network and collects information. The DMA then relays the information it has gathered to a DFA (Data Fusion Agent) which assesses the likelihood of intrusion. As we show in this paper, there is a quantifiable relationship between the number of DMA and the probability of detecting an intrusion. We study this relationship and its implications.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 01, 2001
Accession Number
ADA465041

Entities

People

  • Garth E. Longdon
  • Ira S. Moskowitz
  • Liwu Chang
  • Myong H. Kang

Organizations

  • United States Naval Research Laboratory

Tags

Communities of Interest

  • Cyber
  • Ground and Sea Platforms

DTIC Thesaurus Topics

  • Detection
  • Detectors
  • Information Systems
  • Intrusion
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Military Research
  • Probability
  • Random Variables
  • Simulations
  • Stochastic Processes

Fields of Study

  • Computer science

Readers

  • Computer Vision.
  • Cybersecurity.
  • Distributed Systems and Data Platform Development

Technology Areas

  • AI & ML