scholarly journals An adaptive distributed Intrusion detection system architecture using multi agents

2019 ◽  
Vol 9 (6) ◽  
pp. 4951
Author(s):  
Riyad A. M. ◽  
M. S. Irfan Ahmed ◽  
R. L. Raheemaa Khan
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Mobile Agents ◽  
Detection System ◽  
Single Point ◽  
False Positives ◽  
Detection Systems ◽  
Bulk Data ◽  
Distributed Intrusion Detection ◽  
Multi Agents

Intrusion detection systems are used for monitoring the network data, analyze them and find the intrusions if any. The major issues with these systems are the time taken for analysis, transfer of bulk data from one part of the network to another, high false positives and adaptability to the future threats. These issues are addressed here by devising a framework for intrusion detection. Here, various types of co-operating agents are distributed in the network for monitoring, analyzing, detecting and reporting. Analysis and detection agents are the mobile agents which are the primary detection modules for detecting intrusions. Their mobility eliminates the transfer of bulk data for processing. An algorithm named territory is proposed to avoid interference of one analysis agent with another one. A communication layout of the analysis and detection module with other modules is depicted. The inter-agent communication reduces the false positives significantly. It also facilitates the identification of distributed types of attacks. The co-ordinator agents log various events and summarize the activities in its network. It also communicates with co-ordinator agents of other networks. The system is highly scalable by increasing the number of various agents if needed. Centralized processing is avoided here to evade single point of failure. We created a prototype and the experiments done gave very promising results showing the effectiveness of the system.

Design and Simulation of a Tree-Based Intrusion Detection System against Denial of Service

2010 ◽  
Vol 29-32 ◽  
pp. 790-795
Author(s):  
Yuan Bai ◽  
Zhong Ying Bai
Keyword(s):  
Data Structure ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Detection System ◽  
Single Point ◽  
Denial Of Service ◽  
Network Element ◽  
Distributed Intrusion Detection ◽  
Simulation Results ◽  
And Performance

Based on analysis of relative and absolute traffic anomalies a fully DIDS(Distributed Intrusion Detection System) is built to detect and respond flooding DoS(Denial of Service) in a specific network area, using traffic trees as data structure to store, execute, communicate and combine abnormal data. A single component settled in a network element is called Tree-Devices and all Tree-Devices construct a Tree-DIDS, a fully DIDS. Tree-Devices communicate with other devices in three ways and collaborate to detect attacks, by which communication cost is reduced. Fully architecture avoids the single point failure, while double anomalies help to warn earlier. The simulation results and performance analysis show that Tree-DIDS works effectively.

Distributed Intrusion Detection Systems

2007 ◽  
pp. 231-238
Author(s):  
Rosalind Deena Kumari ◽  
G. Radhamani
Keyword(s):  
Intrusion Detection ◽  
System Architecture ◽  
Intrusion Detection System ◽  
Detection System ◽  
Research Work ◽  
Intrusion Detection Systems ◽  
Future Research ◽  
Detection Systems ◽  
Distributed Intrusion Detection ◽  
Entire Network

The recent tremendous increase in the malicious usage of the network has made it necessary that an IDS should encapsulate the entire network rather than at a system. This was the inspiration for the birth of a distributed intrusion detection system (DIDS). Different configurations of DIDSs have been actively used and are also rapidly evolving due to the changes in the types of threats. This chapter will give the readers an overview of DIDS and the system architecture. It also highlights on the various agents that are involved in DIDS and the benefits of the system. Finally, directions for future research work are discussed.

Sign in / Sign up

Export Citation Format

Share Document