A Distributed Autonomous-Agent Network-Intrusion Detection and Response System

Abstract

We propose a distributed architecture with autonomous agents to monitor security-related activity within a network. Each agent operates cooperatively yet independently of the others, providing for efficiency, real-time response and distribution of resources. This architecture provides significant advantages in scalability, flexibility, extensibility, fault tolerance, and resistance to compromise. We also propose a scheme of escalating levels of alertness, and a way to notify other agents on other computers in a network of attacks so they can take preemptive or reactive measures. We designed a neural network to measure and determine alert threshold values. A communication protocol is proposed to relay these alerts throughout the network. We illustrate our design with a detailed scenario. This paper appeared in the Proceedings of the 1998 Command and Control Research and Technology Symposium, Monterey, CA, June-July 1998.

Document Details

Document Type: Technical Report
Publication Date: Jan 01, 1998
Accession Number: ADA484754

Entities

People

  • Joseph Barrus
  • Neil C. Rowe

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Autonomy
  • Cyber

DTIC Thesaurus Topics

  • Autonomous Agents
  • Command And Control
  • Computers
  • Computing System Architectures
  • Control Systems
  • Denial Of Service Attack
  • Detection
  • Detectors
  • Hierarchies
  • Information Operations
  • Intrusion
  • Intrusion Detection
  • Intrusion Detectors
  • Neural Networks
  • Operating Systems
  • Security
  • Situational Awareness

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Sensor Fusion and Tracking Systems
  • Software Engineering

Technology Areas

  • AI & ML
  • AI & ML - Autonomous Systems
  • Fully Networked C3
  • Fully Networked C3 - Command and Control