New Approach for Detecting Intrusions
This paper describes how multi-agent systems can help to solve a complex problem such as security and more precisely intrusion detection. Intrusion Detection System (I.D.S) is a component of the security infrastructure designed to detect violations of security policy. Most of the intrusions can be localized either by considering of models "Pattern" of user activities (non-behavioral approach) or by considering the audit log (behavioral approach). False positives and false negatives are considered as the major disadvantages of these approaches. The authors consider that good I.D.S should respond to the characteristics of intelligent agents such as autonomy, distribution and communication.