Today the computer security community is in search of novel solutions to achieve efficient detection and response mechanisms. It is especially because attackers intervene in an automated way, at computer speed. Therefore, there is need of such intrusion detection and response systems, which detect and respond at the same speed so that damage may be minimized. We have designed an intrusion detection and response system prototype, based on mobile agents. Our agents travel between systems in a network, obtain information, classify and correlate the information and report to the manager of the intrusion detection and response system (IDRS) which is responsible for responding the attack.
展开▼