Tolerância a Falhas para o NIDIA: um Sistema de detecção de Intrusão Baseado em Agentes Inteligentes

Detalhes bibliográficos
Ano de defesa: 2006
Autor(a) principal: SIQUEIRA, Lindonete Gonçalves
Orientador(a): ABDELOUAHAB, Zair lattes
Banca de defesa: Não Informado pela instituição
Tipo de documento: Dissertação
Tipo de acesso: Acesso aberto
Idioma: por
Instituição de defesa: Universidade Federal do Maranhão
Programa de Pós-Graduação: PROGRAMA DE PÓS-GRADUAÇÃO EM ENGENHARIA DE ELETRICIDADE/CCET
Departamento: Engenharia
País: BR
Palavras-chave em Português:
Segurança
Detecção de Intrusão
Tolerância a Falhas
Sistema Multiagente
Confiabilidade
Palavras-chave em Inglês:
Security
Intrusion Detection
Fault Tolerance
Multiagent System
Reliability
Área do conhecimento CNPq:
CNPQ::CIENCIAS EXATAS E DA TERRA::CIENCIA DA COMPUTACAO
Link de acesso: http://tedebc.ufma.br:8080/jspui/handle/tede/407
Resumo: An Intrusion Detection System (IDS) is one tool among several existing ones to provide safety to a computational system. The IDS has the objective of identifying individuals that try to use a system in non-authorized way or those that have authorization but are abusing of their privileges. However, to accomplish the functions correctly an IDS needs to guarantee reliability and availability of its own application. The IDS should provide continuity to its services in case of faults, mainly faults caused by malicious actions. This thesis proposes a fault tolerance mechanism for the Network Intrusion Detection System based on Intelligent Agents Project (NIDIA), an intrusion detection system based on the agents technology. The mechanism uses two approaches: monitoring the system and replication of agents. The mechanism has a society of agents that monitors the system to collect information related to its agents and hosts and to provide an appropriate recovery for each type of detected fault. Using the information that is collected, it is possible: to discover agents that are not active; determine which agents must be replicated and which replication strategy must be used. The replication type depends on the type of each agent and its importance for the system in different moments of processing. Moreover, this monitoring allows to accomplish other important tasks such as load balancing, migration, and detection of malicious agents, to guarantee safety of the proper IDS (self protection). The implementation of the proposed architecture and the illustrated tests demonstrate the viability of the solution.

Registros relacionados