Distributed and Scalable Intrusion Detection System Based on Agents and Intelligent Techniques


Aly M. El-Semary, Mostafa Gadal-Haqq M. Mostafa, Journal of Information Processing Systems Vol. 6, No. 4, pp. 481-500, Aug. 2010  

DOI: 10.3745/JIPS.2010.6.4.481
Keywords: data-mining, Fuzzy Logic, IDS, Intelligent Techniques, network security, Software Agents

Abstract

The Internet explosion and the increase in crucial web applications such as e-banking and e-commerce make network security tools essential. One such tool is the intrusion detection system, which can be classified by detection approach as signature-based or anomaly-based. Even though intrusion detection systems are well defined, their cooperation with each other to detect attacks needs to be addressed. Consequently, a new architecture that allows them to cooperate in detecting attacks is proposed. The architecture uses Software Agents to provide scalability and distributability. It works in two modes: learning and detection. During learning mode, it generates a profile for each individual system using a fuzzy data mining algorithm. During detection mode, each system uses FuzzyJess to match network traffic against its profile. The architecture was tested against a standard data set produced by MIT Lincoln Laboratory, and the primary results show its efficiency and capability to detect attacks. Finally, two new methods, the memory-window and memoryless-window, were developed for extracting useful parameters from raw packets. The parameters are used as detection metrics.






Cite this article
[APA Style]
Aly M. El-Semary and Mostafa Gadal-Haqq M. Mostafa (2010). Distributed and Scalable Intrusion Detection System Based on Agents and Intelligent Techniques. Journal of Information Processing Systems, 6(4), 481-500. DOI: 10.3745/JIPS.2010.6.4.481.

[IEEE Style]
A. M. El-Semary and M. G. M. Mostafa, "Distributed and Scalable Intrusion Detection System Based on Agents and Intelligent Techniques," Journal of Information Processing Systems, vol. 6, no. 4, pp. 481-500, 2010. DOI: 10.3745/JIPS.2010.6.4.481.

[ACM Style]
Aly M. El-Semary and Mostafa Gadal-Haqq M. Mostafa. 2010. Distributed and Scalable Intrusion Detection System Based on Agents and Intelligent Techniques. Journal of Information Processing Systems, 6, 4, (2010), 481-500. DOI: 10.3745/JIPS.2010.6.4.481.