Defending a Computer System using Autonomous Agents
James O. (jtruitt@grci.com)
Thu, 16 Nov 95 08:13:35 -0500
http://www.cs.purdue.edu/homes/mcrosbie/research/NISSC95/NISC.html
> --------------------------------------------------------------------
> [next] [up] [previous]
> Next: Introduction
> --------------------------------------------------------------------
> Defending a Computer System using Autonomous Agents
> Mark Crosbie, Gene Spafford
> COAST Laboratory
> Dept. of Computer Sciences
> Purdue University
> West Lafayette IN 47907-1398
> {mcrosbie, spaf}@cs.purdue.edu
> 9 June, 1995
> Abstract:
> This report presents a prototype architecture of a defense mechanism
> for computer systems. The intrusion detection problem is introduced
> and some of the key aspects of any solution are explained. Standard
> intrusion detection systems are built as a single monolithic module.
> A finer-grained approach is proposed, where small, independent
> agents monitor the system. These agents are taught how to recognise
> intrusive behaviour. The learning mechanism in the agents is built
> using Genetic Programming. This is explained, and some sample agents
> are described. The flexibility, scalability and resilience of the
> agent approach are discussed. Future issues are also outlined.
> --------------------------------------------------------------------
> * Introduction
> * Intrusions and Intrusion Detection
> o Intrusion Detection
> * A Finer-grained Approach
> * Architecture of an Agent
> * Prototype Solution
> * Prototype Issues
> * Conclusions
> * References
> * About this document ...
> --------------------------------------------------------------------
> Mark Joseph Crosbie
> Sun Oct 29 17:06:30 EST 1995