Specification of Capture Agents for Intrusion Detection Systems (Especificação de Agentes de Captura para Sistemas Detectores de Intrusão)

  • Dalton Matsuo Tavares USP
  • Mauro César Bernardes USP
  • Edson dos Santos Moreira USP
  • Stenio Firmino Pereira Filho USP

Abstract


Network administrators use packet capture to gather information about user and network behavior. A common problem faced today in network-based intrusion detection systems (IDSs) concerns the use of existing packet capture systems in large segmented networks. The objective of this paper is to overcome this limitation by means of a system composed of static capture agents, integrated into the specification of an IDS based on the mobile agent paradigm.

Keywords: packet capture (sniffers), intrusion detection systems (IDSs), switches, network monitoring

Published
2002-05-22
TAVARES, Dalton Matsuo; BERNARDES, Mauro César; MOREIRA, Edson dos Santos; PEREIRA FILHO, Stenio Firmino. Especificação de Agentes de Captura para Sistemas Detectores de Intrusão. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 2., 2002, Búzios. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2002. p. 87-94. DOI: https://doi.org/10.5753/sbseg.2002.21268.