
Cougar Based Intrusion Detection Systems

This project develops a distributed Security Agent framework for monitoring the Ultra*Log environment. The purpose is to detect malfunctions, faults, abnormalities, misuse, deviations, intrusions, etc., and to take appropriate actions. Accordingly, it simultaneously monitors Ultra*Log node activities at different levels (Node, Agent and Plug In). The objective is to find correlations among the deviated values of monitored parameters (deviations from the normal or from defined policy) to determine specific security violations. The CIDS looks for deviation from the defined normal, based on low-level policy or on examination of past behavior (off-line training). In this agent framework, a security node consists of four different agents (Manager agent, Monitor agent, Decision agent and Action agent), and their activities are coordinated through the Manager Agent while sensing, communicating and generating responses. All these functional modules work in coordination to address some specific security issues of the Ultra*Log environment. The current version of CIDS (prototype 1.0) is now operational and provides a basic security agent infrastructure.
