Architecture for Intrusion Detection System With Fault Tolerance Using Mobile Agent

This paper is a survey of the work, done for making an IDS fault tolerant. Architecture of IDS that uses mobile Agent provides higher scalability. Mobile Agent uses Platform for detecting Intrusions using filter Agent, co-relater agent, Interpreter agent and rule database. When server (IDS Monitor) goes down, other hosts based on priority takes Ownership. This architecture uses decentralized collection and analysis for identifying Intrusion. Rule sets are fed based on user-behaviour or application-behaviour. This paper suggests that Intrusion Detection System (IDS) must be fault tolerant; otherwise, the intruder may first subvert the IDS then attack the target system at will.

Provided by: Academy & Industry Research Collaboration Center Topic: Security Date Added: Sep 2011 Format: PDF

Find By Topic