Abstract
The MAIDS project is an ambitious attempt to create a framework for an intrusion detection system that is efficient, fault-tolerant, modularly compatible with other detection systems, relatively simple to use and configure, and uniquely related to a disciplined requirements engineering process. A user starts with a high-level description of system vulnerabilities expressed as a software fault tree, and transforms it into a Colored Petri Net (CPN), which constitutes the intrusion detection system's design specification. MAIDS provides an architecture and tools for implementing the CPN as a network of mobile agents. Presented are a generic design and a specific implementation of the system, some preliminary performance measurements, and discussion of the performance impact of a CPN node reduction strategy.