Agent-based IDS is a powerful technique used by network administrator to monitor traffic activities in their network. However, the widespread network coverage has introduced a possibility of a hacker installing unauthorized agents or fake agents secretly within the network. This is considered as a very serious threat to the network security. This paper proposes a protocol that is used to detect the presence of a fake agent upon its installation. The technique is a combination of Elgamal encryption, Elgamal digital signature, and SHA-I message digest function. A simple implementation was developed to test the proposed protocol. � 2008 IEEE. DOI 10.1109/CIT.2008.Workshops.122.

EDOWA system is a system that is capable to detect worm efficiently and provide an early warning to the system administrator. Worms are a major threat to Internet-connected hosts and networks and their nature of widespread epidemic spread needed to be detected quickly in order to contain its outbreak. In EDOWA, the frequency of network packet will be observed by the system. The wide spreading nature of worm will cause the network packet to be transfer massively over the network and cause the substantial increase in frequency. The threshold that detects the worm activity pattern will adjust accordingly to the increase of network traffic to accommodate high speed large network traffic. By having this threshold adjust accordingly, it will increase worm detection efficiency. With fuzzy logic, the degree of urgency of a warning can be defined. � 2008 IEEE.