A Study of Security Rule Management for Misuse Intrusion Detection Systems using Mobile Agent


The KIPS Transactions:PartC, Vol. 10, No. 5, pp. 525-532, Oct. 2003
10.3745/KIPSTC.2003.10.5.525,   PDF Download:

Abstract

This paper describes intrusion detection rule management using mobile agents. Intrusion detection can be divided into anomaly detection and misuse detection. Misuse detection is best suited for reliably detecting known use patterns. Misuse detection systems can detect many or all known attack patterns, but they are of little use for as yet unknown attack methods. Therefore, the introduction of mobile agents to provide computational security by constantly moving around the Internet and propagating rules is presented as a solution to misuse detection. This work presents a new approach for detecting intrusions, in which mobile agent mechanisms are used for security rules propagation. To evaluate the proposed approach, we compared the workload data between a rules propagation method using a mobile agent and a conventional method. Also, we simulated a rules management using NS-2 (Network Simulator) with respect to time.


Statistics
Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article
[IEEE Style]
K. T. Gyeong, L. D. Yeong, J. T. Myeong, "A Study of Security Rule Management for Misuse Intrusion Detection Systems using Mobile Agent," The KIPS Transactions:PartC, vol. 10, no. 5, pp. 525-532, 2003. DOI: 10.3745/KIPSTC.2003.10.5.525.

[ACM Style]
Kim Tae Gyeong, Lee Dong Yeong, and Jeong Tae Myeong. 2003. A Study of Security Rule Management for Misuse Intrusion Detection Systems using Mobile Agent. The KIPS Transactions:PartC, 10, 5, (2003), 525-532. DOI: 10.3745/KIPSTC.2003.10.5.525.