Intrusion Detection Systems (IDS) are used to discover several kinds of attacks. Commercial solutions are, generally centralized and suffer from significant limitations when used in high speed networks. This is one of our major motivations to use distributed model based on agent platform. We believe that agent facilities will help collecting efficent and useful informations for IDS. We also propose to use a combined analysis by invoking speciallized agents. The idea is to have a signature based agent, temporal analysis agent and behavior analysis agent. By combining three ananlysis, our IDS will be able to detect several kinds of attacks and intrusions. Before introducing our global agent IDS architecture, we need to validate the agent palteforme use and verify a set of security features. The first step is to choose a platforme which can offer security mechanisms needed by IDS solutions. In this paper, we first sum up IDS security needs, we introduce a set of comparison criteria and we present a security feautures study of agent platforme. After studying Concordia, JADE, Aglet, Voyager, Agent-TCL , MAP and JATLite platformes, we introduce our agent IDS by presenting the global architecture and future works.

Toward Agent IDS: agent platform security features study abstract

Toward Agent IDS: agent platform security features study slides