- Title
An adaptive distributed intrusion detection system architecture using multi agents.
- Authors
Riyad A. M.; Ahmed, M. S. Irfan; Khan, R. L. Raheemaa
- Abstract
Intrusion detection systems are used for monitoring network data, analyzing it and finding intrusions, if any. The major issues with these systems are the time taken for analysis, transfer of bulk data from one part of the network to another, high false positives and adaptability to future threats. These issues are addressed here by devising a framework for intrusion detection. Here, various types of co-operating agents are distributed in the network for monitoring, analyzing, detecting and reporting. Analysis and detection agents are the mobile agents which are the primary detection modules for detecting intrusions. Their mobility eliminates the transfer of bulk data for processing. An algorithm named territory is proposed to avoid interference of one analysis agent with another one. A communication layout of the analysis and detection module with other modules is depicted. The inter-agent communication reduces the false positives significantly. It also facilitates the identification of distributed types of attacks. The co-ordinator agents log various events and summarize the activities in their network. They also communicate with co-ordinator agents of other networks. The system is highly scalable by increasing the number of various agents if needed. Centralized processing is avoided here to evade a single point of failure. We created a prototype and the experiments done gave very promising results showing the effectiveness of the system.
- Publication
International Journal of Electrical & Computer Engineering (2088-8708), 2019, Vol 9, Issue 6, p4951
- ISSN
2088-8708
- Publication type
Academic Journal
- DOI
10.11591/ijece.v9i6.pp4951-4960