Title

A distributed autonomous intrusion detection framework

Document Type

Conference Proceeding

Publication Date

12-1-2007

Abstract

In this paper, we present a highly-configurable distributed autonomous intrusion detection framework. It supports a hybrid, integrated and flexible intrusion detection model which consists of a family of intrusion detection agents. Agents can dynamically download and install appropriate modules, signatures and policy files from the central server based on operational requirements. A group key management system is used to provide secure and scalable group communication and group management in A2D2. Flexible intrusion response mechanisms are designed. A data fusion and event analysis engine (mEngine) and an object-based intrusion modeling language (mLanguage) are also designed. Both mEngine and mLanguage are domain-independent.

Publication Title

GLOBECOM - IEEE Global Telecommunications Conference

Share

COinS