Mobile agent-based misuse intrusion detection rule propagation model for distributed system

This paper describes the rule propagation model for the Misuse detection methods using mobile agents. Approaches to detecting intrusions can be broadly classified into two categories: Anomaly Detection and Misuse Detection. Misuse detection is best suited for reliably detecting known use patterns. Misuse detection systems can detect many or all known attack patterns, but they are of little use for as yet unknown attack methods [1]. Therefore, the introduction of mobile agents to provide computational security by constantly moving around the Internet and propagating rules is presented as a solution to misuse detection. This work presents a method of use of mobile agent mechanisms to add mobility features to the process of rule propagation. This approach presents significant advantages in terms of spreading rules rapidly, increasing scalability and providing fault tolerance.