A Study of Security Rule Management for Misuse Intrusion Detection Systems using Mobile Agent 


Vol. 10,  No. 5, pp. 525-532, Oct.  2003
10.3745/KIPSTC.2003.10.5.525


PDF
  Abstract

This paper describes intrusion detection rule management using mobile agents. Intrusion detection can be divided into anomaly detection and misuse detection. Misuse detection is best suited for reliably detecting known use patterns. Misuse detection systems can detect many or all known attack patterns, but they are of little use for as yet unknown attack methods. Therefore, the introduction of mobile agents to provide computational security by constantly moving around the Internet and propagating rules is presented as a solution to misuse detection. This work presents a new approach for detecting intrusions, in which mobile agent mechanisms are used for security rules propagation. To evaluate the proposed approach, we compared the workload data between a rules propagation method using a mobile agent and a conventional method. Also, we simulated a rules management using NS-2 (Network Simulator) with respect to time.

  Statistics
  Cite this article

[IEEE Style]

K. T. Gyeong, L. D. Yeong, J. T. Myeong, "A Study of Security Rule Management for Misuse Intrusion Detection Systems using Mobile Agent," The KIPS Transactions:PartC, vol. 10, no. 5, pp. 525-532, 2003. DOI: 10.3745/KIPSTC.2003.10.5.525.

[ACM Style]

Kim Tae Gyeong, Lee Dong Yeong, and Jeong Tae Myeong. 2003. A Study of Security Rule Management for Misuse Intrusion Detection Systems using Mobile Agent. The KIPS Transactions:PartC, 10, 5, (2003), 525-532. DOI: 10.3745/KIPSTC.2003.10.5.525.

Forms

Search
(IN TITLE, AUTHOR, ABSTRACT,KEYWORDS)

Advanced Search

POPULAR KEYWORDS
(TOP 10 KEYWORDS)

Recent Publications
(LAST 3 YEARS)

Old Journals

Indexing

All publications of TKIPS is indexed in DOI, EBSCO, Google Scholar, Crossref, and CrossCheck.

TKIPS is also selected as the Journal for Accreditation by NRF (National Research Foundation of Korea).

Related Journals