This work describes the design and implementation of a log analyzer agent, conceived to act as part of a multi-agent Intrusion Detection System. The agent analyzes log files of services, applications or operating systems, comparing every log line against a set of security rules defined by experts. These rules can be created using a new, easy-to-use XML-based format founded on an object-oriented model. Whenever a security match is found, the agent sends a security report to the next level of the multi-agent system using the IDMEF (Intrusion Detection Message Exchange Format) and the IDXP (Intrusion Detection Exchange Protocol). © 2010 Springer-Verlag.
CITATION STYLE
Porto-Díaz, I., Fontenla-Romero, Ó., & Alonso-Betanzos, A. (2010). A log analyzer agent for intrusion detection in a multi-agent system. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6276 LNAI, pp. 168–177). https://doi.org/10.1007/978-3-642-15387-7_21