We have designed and implemented an intrusion detection system (IDS) prototype based on mobile agents. Our agents travel between monitored systems in a network of distributed systems, obtain information from data cleaning agents, classify and correlate information, and report the information to a user interface and database via mediators. Agent systems with lightweight agent support allow runtime addition of new capabilities to agents. We describe the design of our Multi-agent IDS and show how lightweight agent capabilities allowed us to add communication and collaboration capabilities to the mobile agents in our IDS.
All Science Journal Classification (ASJC) codes
- Information Systems
- Hardware and Architecture