Intrusion detection for computer systems is a key problem of the Internet, and the Windows NT operating system has a number of vulnerabilities. The work presented here demonstrates that independent detection agents under Windows NT can be run in a distributed fashion, each operating mostly independent of the others, yet cooperating and communicating to provide a truly distributed detection mechanism without a single point of failure. The agents can run ...
Reports by Author
