文章基本信息

标题：Dynamic Multi-Layer Signature Based Intrusion Detection System Using Mobile Agents
本地全文：下载
作者：Mueen Uddin ; Kamran Khowaja ; Azizah Abdul Rehman 等
期刊名称：International Journal of Network Security & Its Applications
印刷版ISSN：0975-2307
电子版ISSN：0974-9330
出版年度：2010
卷号：2
期号：4
DOI：10.5121/ijnsa.2010.2411
出版社：Academy & Industry Research Collaboration Center (AIRCC)
摘要：Intrusion detection systems have become a key component in ensuring the safety of systems and networks. As networks grow in size and speed continues to increase, it is crucial that efficient scalable techniques should be developed for IDS systems. Signature based detection is the most extensively used threat detection technique for Intrusion Detection Systems (IDS). One of the foremost challenges for signaturebased IDS systems is how to keep up with large volume of incoming traffic when each packet needs to be compared with every signature in the database. When an IDS cannot keep up with the traffic flood, all it can do is to drop packets, therefore, may miss potential attacks. This paper proposes a new model called Dynamic Multi-Layer Signature based IDS using Mobile Agents, which can detect imminent threats with very high success rate by dynamically and automatically creating and using small and efficient multiple databases, and at the same time, provide mechanism to update these small signature databases at regular intervals using Mobile Agents.
关键词：Intrusion Detection Systems; Snort; Mobile Agents; Aglets; Snort Rules