Abstract
Because some employees in a department abuse their privileges for personal gain over the local network, this paper presents a distributed intrusion detection system named APA (Application Process Audit), which tackles such interior violations. APA provides a multi-agent system for setting up tailored intrusion detection systems for real-time applications. Data mining technologies are applied to the alerts file and audit logs to find interesting audit rules, and the rule base can be automatically extended with these rules. The whole system has six kinds of agents, which cooperate with each other to implement the monitoring. APA has now been applied to several security departments and has received a good reputation.
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pi, D., Wang, Q., Li, W., Lv, J. (2005). APA: An Interior-Oriented Intrusion Detection System Based on Multi-agents. In: Lu, X., Zhao, W. (eds) Networking and Mobile Computing. ICCNMC 2005. Lecture Notes in Computer Science, vol 3619. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11534310_128
DOI: https://doi.org/10.1007/11534310_128
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28102-3
Online ISBN: 978-3-540-31868-2
eBook Packages: Computer Science, Computer Science (R0)