Date Added: Apr 2012
The aim of this paper is to detect anomalous usage of legitimate applications by authorized users in Windows environment and to implement a fault - tolerant architecture which can continue providing detection service even in case of failure of one or more detecting servers. This paper also aims to implementing mobile agent technology for gathering the information from various monitored hosts for a period of every 10 seconds. And to build per - application based profile for authorized users. This paper implements the architecture that continues providing detection services even in case of busy state or failure of one more detecting server.