Download now Free registration required
Most current IDS are generally centralized and suffer from significant limitations when used in high speed networks, especially when they face distributed attacks. This paper shows that the use of mobile agents has practical advantages for intrusion detection. For this purpose the authors carried out a comparative experimental study of some IDS, showing their limits and then they propose an implementation of a new MAFIDS (Mobile Agent For Intrusion Detection System) model focusing on misuse approach. The performance of MAFIDS is investigated in terms of detection delay, false alarm and detection rate by comparing it to a centralized IDS over real traffic and a set of simulated attacks.
- Format: PDF
- Size: 495.35 KB