Current network security systems are primarily insular. These detection systems, such as virus scanners and intrusion detection systems, lack the capability to collaborate events to the controlled network. In other words, they lack the capability and inherent architecture to address attacks from a group perspective. Insular systems could thus be considered passive from a network perspective, as action taken on events has only the scope of network nodes, not the network as a whole. Furthermore, “distributed” defense systems use static, centralized sources of control which has several drawbacks. The foremost drawback is network failure. If a controller, such as a server, fails, the entire network security system is left without control. If the sever is compromised, a malicious entity may gain control of an entire system. Additionally, network conditions, such as segmentation and fragmentation, could lead to entire portions of the network not having access to the static server or the ability to adapt.