PAID: A Probabilistic Agent-Based Intrusion Detection system

被引：30

作者：

Gowadia, V ^{[1
]}

Farkas, C ^{[1
]}

Valtorta, M ^{[1
]}

机构：

[1] Univ S Carolina, Dept Comp Sci & Engn, Informat Secur Lab, Columbia, SC 29208 USA

来源：

COMPUTERS & SECURITY | 2005年 / 24卷 / 07期

基金：

美国国家科学基金会;

关键词：

intrusion detection; network security; computer security; computer attack; agents; Bayesian networks;

D O I：

10.1016/j.cose.2005.06.008

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

In this paper we describe architecture and implementation of a Probabilistic Agent-Based Intrusion Detection (PAID) system. The PAID system has a cooperative agent architecture. Autonomous agents can perform specific intrusion detection tasks (e.g., identify IP-spoofing attacks) and also collaborate with other agents. The main contributions of our work are the following: our model allows agents to share their beliefs, i.e., the probability distribution of an event occurrence. Agents are capable to perform soft-evidential update, thus providing a continuous scale for intrusion detection. We propose methods for modelling errors and resolving conflicts among beliefs. Finally, we have implemented a proof-of-concept prototype of PAID. (C) 2005 Elsevier Ltd. All rights reserved.

引用

页码：529 / 545

页数：17