Jai Sundar Balasubramaniyan, Jose Omar Garcia-Fernandez, David Isacoff, E. Spafford, D. Zamboni
Published in: Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)
Publication date: 1998-12-07
DOI: 10.1109/CSAC.1998.738563 (https://doi.org/10.1109/CSAC.1998.738563)
Citation count: 611
Source: Semanticscholar
An architecture for intrusion detection using autonomous agents
The intrusion detection system architectures commonly used in commercial and research systems have a number of problems that limit their configurability, scalability or efficiency. The most common shortcoming in the existing architectures is that they are built around a single monolithic entity that does most of the data collection and processing. In this paper, we review our architecture for a distributed intrusion detection system based on multiple independent entities working collectively. We call these entities autonomous agents. This approach solves some of the problems previously mentioned. We present the motivation and description of the approach, partial results obtained from an early prototype, a discussion of design and implementation issues, and directions for future work.