Agent-based Intrusion Detection For Network-based Application

Jianping Zeng, Donghui Guo
2009 International Journal of Network Security  
Now days, different kinds of IDS systems are available for serving in the network distributed system, but these systems mainly concentrate on network-based and hostbased detection. It is inconvenient to integrate these systems into distributed application servers for applicationbased intrusion detection. An agent-based IDS that can be smoothly integrated into the applications of enterprise information systems is proposed in this paper and we discuss the system architecture, agent structure, and
more » ... integration mechanism. Our IDS system consists of three kinds of agents, namely, client agent, server agent and communication agent. This paper also explains how to integrate agents with an access control model for getting better security performance. By introducing standard protocols such as KQML, IDMEF into the design of agent, our agent-based IDS shows how to build more flexible software applications.
dblp:journals/ijnsec/ZengG09 fatcat:lupviwhnvzgwrcy2zztyq653de