Accession Number:

ADA458055

Title:

Distributed Intrusion Detection for Computer Systems Using Communicating Agents

Descriptive Note:

Corporate Author:

MARINE CORPS WARFIGHTING LAB QUANTICO VA

Report Date:

2000-01-01

Pagination or Media Count:

28.0

Abstract:

Intrusion detection for computer systems is a key problem of the Internet, and the Windows NT operating system has a number of vulnerabilities. The work presented here demonstrates that independent detection agents under Windows NT can be run in a distributed fashion, each operating mostly independent of the others, yet cooperating and communicating to provide a truly distributed detection mechanism without a single point of failure. The agents can run along with user and system software without noticeable consumption of system resources, and without generating an overwhelming amount of network traffic during an attack.

Subject Categories:

  • Computer Programming and Software
  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE