Agent IDS based on misuse approach

Journal of Software

Volumn 4, Issue 6, 2009, Pages 495-507

  Barika, F A ^a   El Kadhi, N ^b,c   Ghedira K ^a  

^a Higher Institute of Management   (Tunisia)

^b Epitech   (France)

^c AHLIA UNIVERSITY   (Bahrain)

Author keywords

Detection delay; Detection rate; False alarm; Intrusions Detection System; Misuse approach; Mobile agents

Indexed keywords

DETECTION DELAY; DETECTION RATE; FALSE ALARM; INTRUSIONS DETECTION SYSTEM; MISUSE APPROACH;

ALARM SYSTEMS; COMPUTER CRIME; ERRORS; MOBILE AGENTS; WIRELESS NETWORKS;

INTRUSION DETECTION;

EID: 78651583709     PISSN: 1796217X     EISSN: None     Source Type: Journal    
DOI: None     Document Type: Article

References (57)

1. L. Me, Z. Marrakchi, C. Michel, H. Debar and F. Cuppens, La detection d'intrusion: les outils doivent cooperer, in REE Journal, pp. 50-55, No 5, May, 2001.
2. R. H. Campbell, Z. Liu, M. D. Mickunas, P. Naldurg and S. Yi, Seraphim: An Active Security Architecture for Active Network, in UIUCDCS-R-99-2167, UILU-ENG-99- 1756, Urbana, IL 61801, Nov. 1999.
3. J. P. Anderson, Computer security threat monitoring and surveillance, James P. Anderson Company, Fort Washington, Pennsylvania, 1980.
4. Dethy, Examining port scan methods - Analysing Audible Techniques, (2001). [Online]. Available: http: http://synnergy.net/downloads/papers/portscan.txt.
5. G. Vigna, S. Eckmann and R. Kemmerer, Attack Languages, in Proceedings of the IEEE Information Survivability Work- shop, USA, pp. 163-166, 2000.
6. B. Mukherjee, T. L. Heberlein and K. N. Levitt, Network Intrusion Detection, in IEEE Network, June 1994.
7. M. J. Ranum, Experiences Benchmarking Intrusion Detection Systems, in NFR Security, Dec. 2001.
8. T. L. Heberlein, G. V. Dias, K. N. Levitt, B. Mukherjee, J. Wood and D. Wolber, A Network Security Monitor, in Proceedings of the Symposium on Research in Securirt and Privacy, May 1990.
9. D. E. Denning, An intrusion detection model, in IEEE Transactions on software engeneering, SE-13:222232, 1987.
10. S. Kumar, and E. Spafford, A Software Architecture to Support Misuse Intrusion Detection, Department of Com- puter Sciences, Purdue University, Mar. 1995.
11. (2008, Mar.) CISCO. [Online]. Available: http: http://www.cisco.com.
12. (2008, Mar.) RealSecure. [Online]. Available: http: http://www.iss.net.
13. W. Jansen, P. Mell, T. Karygiannis and D. Marks, Applying mobile agents to intrusion detection and response, NIST Interim Report - 6416, Oct. 1999.
14. J. S. Balasubramaniyam, J. O. Garcia-Fernandez, D. Isacoff, E. Spafford and D. Zamboni, An Architecture for Intrusion Detection using Autonomous Agents, in Proceedings of the 14th Annual Computer Security Applications Conference, Dec. 1998.
15. T. H. Ptacek and T. N. Newsham, Insertion, evasion, and denial of service: Eluding network intrusion detection, Secure Network Inc., Jan. 1998.
16. (2007, Oct.) SNORT. [Online]. Available: http: http://www.snort.org/.
17. R. U. Rehman, Intrusion Detection Systems with Snort Advanced IDS Techniques Using Snort, Apache, MySQL, PHP, and ACID, Publishing as Prentice Hall PTR Upper Saddle River, New Jersey 07458, ISBN 0-13-140733-3, 2003.
18. (2007, Nov.) NMAP. [Online]. Available: http: http://www.insecure.org/nmap.
19. (2007, Oct.) Prelude-IDS. [Online]. Available: http: http://www.prelude-ids.org.
20. (2007, Oct.) Tamandua. [Online]. Available: http: http://tamandua.axur.org.
21. F. S. Rietta, Application Layer Intrusion Detection for SQL Injection, in ACM SE06 1012, Melbourne, Florida, USA, Mar. 2006.
22. D. Curry and H. Debar, Intrusion Detection Message Exchange Format Data Model and Extensible Markup Language (XML) Document Type Definition, Intrusion Detection Working Group, 116 pages, Jan. 2003.
23. F. Dressler, G. Mnz and G. Carle, Attack Detection using Cooperating Autonomous Detection Systems (CATS), Wilhelm-Schickard-Institute of Computer Science, Computer Networks and Internet, University of Tbingen, 2004.
24. M. Eriksson, An Example of a Man-in-the-middle Attack Against Server Authenticated SSL-sessions, in International Conference on Applied Cryptography and Network Security, Oct. 2003.
25. S. Specht and R. Lee, Distributed Denial of Service: Taxonomies of Attacks, Tools, and Countermeasures, in Proceedings of the 17th International Conference on Parallel and Distributed Computing Systems, pp. 543-550, Sep. 2004.
26. G. Hulmer, J. S. K. Wong, V. Honavar, L. Miller and Y. Wang, Lightweight Agents for Intrusion Detection, in Journal of Systems and Software 67 (03), pp. 109-122, 2003.
27. K. Ghedira, MASC: une approche Multi-Agents de problémes de Statisfaction de Contraintes, 1993.
28. Palmquis, Intelligent Agents in Computer and Network Management, 1998, (course paper). http://www.gslis.utexas.edu/palmquis/courses.
29. M. Asaka, S. Okasawa, A. Taguchi and S. Goto, A Method of Tracing Intruders by Use of Mobile Agents, in Proceedings of the 9th Annual Internetworking Conference (INET'99), San Jose, California, June 1999.
30. J. D. De Queiroz, L. F. R. Da Costa Carmo and L. Pirmez, Micael: An Autonomous mobile agent system to protect new generation networked application, in in 2nd Annual Workshop on Recent Advances in Intrsuion Detection, Sep. 1999.
31. M. C. Bernardes and E. Dos Santos Moreira, Implementation of an Intrusion Detection System based on Mobile Agents, in In International Symposium on Software Engineering for Parallel and Distributed Systems, pp. 158-164, June 2000.
32. E. H. Spafford and D. Zamboni, Intrusion Detection Using Autonomous Agents, in Computer Networks: The Int. Journal of Computer and Telecommunications Networking 34(4), pp. 547-570, 2000.
33. I. M. Hegazy, T. Al-Arif, Z. T. Fayed and H. M. Faheem, A Multi-agent Based System for Intrusion Detection, in IEEE Potentials 22(4), pp. 28-31, 2003.
34. D. Dasgupta, F. Gonzalez, K. Yallapu, J. Gomez and R. Yarramsettii, CIDS: An agentbased intrusion detection system, in Computers & Security 24(5), pp. 387-398, 2005.
35. H. Q. Wang, Z. Q. Wang, Q. Zhao, G. F. Wang, R. J. Zheng D. X. Liu, Mobile Agents for Network Intrusion Resistance, in APWeb 2006. LNCS, vol. 3842, Springer, Heidelberg, pp. 965-970, 2006.
36. K. Deeter, K. Singh, S. Wilson, L. Filipozzi and S. Vuong, APHIDS: A Mobile Agent-Based Programmable Hybrid Intrusion Detection System, in Mobility Aware Technologies and Applications. LNCS, vol. 3284, Springer, Heidelberg, pp. 244-253, 2004.
37. (2007, Aug.) Tritheme Distributed and Hybrid Intrusion Detection and Response System. [Online]. Available: http: http://sourceforge.net/projects/tritheme/, 2001.
38. A. Trapathi, T. Ahmed, S. Pathak, A. Pathak, M. Carney, M. Koka and P. Dokas, Active Monotoring of Network System using Mobile Agents, University of Minnesota, May 2002.
39. (2007, Aug.) N. Daira, Strorshield presentation. [Online]. Available: http: http://www.skyrecon.com/, 2004.
40. (2007, Aug.) MonALISA, MONitoring Agents using a Large Integrated Services Architecture. [Online]. Available: http: http://monalisa.cacr.caltech.edu/, 2005.
41. A. Cardon, A distributed multiagent system for the self evaluation of dialogs, in Proceedings of the Joint JSAI 2001 Workshop on New Frontiers in Artificial Intelligence, Springer-Verlag, pp. 43-50, 2001.
42. F. A. Barika, Vers un IDS Intelligent base d'Agents Mobiles, (Institut Suprieur de Gestion de Tunis), July 2003.
43. D. B. Lange and M. Oshima, Programming and Deploying Java Mobile Agents with Aglets, Seconde Edition, ISBN 0- 201-32582-9, Massachusetts, Addison Wesley, 1998, 225 p.
44. N. EL Kadhi, F. A. Barika, E. Burstein and K. Ghedira, Toward Agent IDS: Agents Platforms Security Features Study, in Proceedings of CSC 2003, Computer security Congress, Mexique, Mar. 2003.
45. N. EL Kadhi and P. Boury, Static analysis of Java Crypto- graphic Applets, in Proceedings of ECOOP2001 Workshop on Java Formal Verification, Budapest, June 2001.
46. M. Tatsubori, An Extension Mechanism for the Java Language, (Titech), 1999. [Online]. Available: http: http://www.csg.is.titech.ac.jp/openjava/papers.
47. The Aglets Software Development Kit. [Online]. Available: http: http://sourceforge.net/projects/aglets/, June 2002.
48. L. Gong, Java Security Architecure, (JavaSoft), July 1997.
49. M. Burdach, Hardening the TCP/IP stack to SYN attacks, in SecurityFocus, Sep. 2003.
50. (2007, Nov.) HPING. [Online]. Available: http: http://www.hping.org.
51. (2007, Oct.) Firestorm. [Online]. Available: http: http://www.scaramanga.co.uk/firestorm/.
52. M. Rehk, M. Pechoucek, P. Celeda, J. Novotn, P. Minark, CAMNEP: agent-based network intrusion detection system. Proceedings of the 7th international joint conference on Autonomous agents and multiagent systems, pp. 133-136, 2008.
53. M. Singh, S S. Sodhi, Distributed Intrusion Detection using Aglet Mobile Agent Technology. Proceedings of National Conference on Challenges & Opportunities in Information Technology RIMT-IET. Gobindgarh, Mar. 2007.
54. D. Gusfield, Algorithms on Strings, Trees, and Sequences, ISBN 0-521-58519-8, Cambridge University Press, 1997, 554 p.
55. M. Fisk, G. Varghese, Applying Fast String Matching to Intrusion Detection, Los Alamos National Laboratory, University of California San Diego, 2004.
56. Ben Amor, N., Benferhat, S., Elouedi Z., Rseaux baysiens nafs et arbres de dcision dans les systmes de detection dintrusions, RSTI, VOL 25/2, pp.167-196, (2006) KDD Cup 1999:
57. http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html