Distributed and Scalable Intrusion Detection System Based on Agents and Intelligent Techniques

Aly M. El-Semary and Mostafa Gadal-Haqq M. Mostafa
Volume: 6, No: 4, Page: 481 ~ 500, Year: 2010
10.3745/JIPS.2010.6.4.481
Keywords: Data-Mining, Fuzzy Logic, IDS, Intelligent Techniques, Network Security, Software Agents

Abstract
The Internet explosion and the increase in crucial web applications such as e-banking and e-commerce make network security tools essential. One such tool is an intrusion detection system, which can be classified by detection approach as signature-based or anomaly-based. Even though intrusion detection systems are well defined, their cooperation with each other to detect attacks needs to be addressed. Consequently, a new architecture that allows them to cooperate in detecting attacks is proposed. The architecture uses Software Agents to provide scalability and distributability. It works in two modes: learning and detection. During learning mode, it generates a profile for each individual system using a fuzzy data mining algorithm. During detection mode, each system uses FuzzyJess to match network traffic against its profile. The architecture was tested against a standard data set produced by MIT Lincoln Laboratory, and the primary results show its efficiency and capability to detect attacks. Finally, two new methods, the memory-window and memoryless-window, were developed for extracting useful parameters from raw packets. The parameters are used as detection metrics.


Cite this article
IEEE Style
Aly M. El-Semary and Mostafa Gadal-Haqq M. Mostafa, "Distributed and Scalable Intrusion Detection System Based on Agents and Intelligent Techniques," Journal of Information Processing Systems, vol. 6, no. 4, pp. 481~500, 2010. DOI: 10.3745/JIPS.2010.6.4.481.

ACM Style
Aly M. El-Semary and Mostafa Gadal-Haqq M. Mostafa, "Distributed and Scalable Intrusion Detection System Based on Agents and Intelligent Techniques," Journal of Information Processing Systems, 6, 4, (2010), 481~500. DOI: 10.3745/JIPS.2010.6.4.481.