P2P Distributed Intrusion Detections by Using Mobile Agents

Dayong Ye, Quan Bai, Minjie Zhang, Zhen Ye
2008 Seventh IEEE/ACIS International Conference on Computer and Information Science (icis 2008)  
Traditional hierarchical intrusion detection systems have a central manager, which attracts attacks from hackers and might overload when there are too many client requests. To overcome these drawbacks, some researchers have suggested applying Peer-to-Peer approaches to intrusion detection. Most current Peer-to-Peer intrusion detection systems only allow hosts to collect related information from "neighbours" (one-hop hosts). The limitation of information sources may lead a system to make inaccurate ... ons. In this paper, we propose a Mobile Agent Based Peer-to-Peer Distributed Intrusion Detection Framework. Agents are included in this framework to achieve intrusion detections. In addition, a mobile agent migration strategy is applied in the framework to allow agents to collect information not only from directly linked "neighbours" but also from other hosts in the network. Benefiting from agent and Peer-to-Peer techniques, our framework can decrease the overhead of each host in the network, reduce the security risk, and achieve more accurate detections.
doi:10.1109/icis.2008.21 dblp:conf/ACISicis/YeBZY08 fatcat:tk3cjv6jsvd2fp6rjcgmelhm5y