A fault tolerance mechanism for network intrusion detection system based on intelligent agents (NIDIA)

摘要

The intrusion detection system (IDS) has as objective to identify individuals that try to use a system in way not authorized or those that have authorization to use but they abuse of their privileges. The IDS to accomplish its function must, in some way, to guarantee reliability and availability to its own application, so that it gets to give continuity to the services even in case of faults, mainly faults caused by malicious agents. This paper proposes an adaptive fault tolerance mechanism for network intrusion detection system based on intelligent agents. We propose the creation of a society of agents that monitors a system to collect information related to agents and hosts. Using the information which is collected, it is possible: to detect which agents are still active; which agents should be replicated and which strategy should be used. The process of replication depends on each type of agent, and its importance to the system at different moments of processing. We use some agents as sentinels for monitoring and thus allowing us to accomplish some important tasks such load balancing, migration, and detection of malicious agents, to guarantee the security of the proper IDS.