Recently, numerous studies have focused on multi-agent based intrusion detection systems (IDSs) in order to detect intrusion behavior more efficiently. However, since an agent is easily subverted by a process that is faulty, a multi-agent based intrusion detection system must be fault tolerant by being able to recover from system crashes, caused either accidentally or by malicious activity. Many of the existing IDSs have no means of providing such failure recovery. In this paper, we propose the novel intrusion-tolerant IDS using communication-induced checkpointing and pessimistic message logging techniques. When the failed agent is restarted, therefore, our proposed system can recover its previous state and resume its operation unaffected. In addition, agents communicate with each other by sending messages without causality violation using vector timestamps. © Springer-Verlag Berlin Heidelberg 2004.
CITATION STYLE
Yi, M. K., & Hwang, C. S. (2004). Intrusion-tolerant intrusion detection system. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 3073, 476–483. https://doi.org/10.1007/978-3-540-25952-7_38
Mendeley helps you to discover research relevant for your work.