An adaptive distributed Intrusion detection system architecture using multi agents
Intrusion detection systems are used for monitoring the network data, analyze them and find the intrusions if any. The major issues with these systems are the time taken for analysis, transfer of bulk data from one part of the network to another, high false positives and adaptability to the future t...
Published in: | International journal of electrical and computer engineering (Malacca, Malacca), 2019-12, Vol.9 (6), p.4951 |
---|---|
Main authors: | A. M., Riyad ; Ahmed, M. S. Irfan ; Khan, R. L. Raheemaa |
Format: | Article |
Language: | eng |
Subjects: | |
Online access: | Full text |
container_end_page | |
---|---|
container_issue | 6 |
container_start_page | 4951 |
container_title | International journal of electrical and computer engineering (Malacca, Malacca) |
container_volume | 9 |
creator | A. M., Riyad ; Ahmed, M. S. Irfan ; Khan, R. L. Raheemaa |
description | Intrusion detection systems are used for monitoring the network data, analyze them and find the intrusions if any. The major issues with these systems are the time taken for analysis, transfer of bulk data from one part of the network to another, high false positives and adaptability to the future threats. These issues are addressed here by devising a framework for intrusion detection. Here, various types of co-operating agents are distributed in the network for monitoring, analyzing, detecting and reporting. Analysis and detection agents are the mobile agents which are the primary detection modules for detecting intrusions. Their mobility eliminates the transfer of bulk data for processing. An algorithm named territory is proposed to avoid interference of one analysis agent with another one. A communication layout of the analysis and detection module with other modules is depicted. The inter-agent communication reduces the false positives significantly. It also facilitates the identification of distributed types of attacks. The co-ordinator agents log various events and summarize the activities in its network. It also communicates with co-ordinator agents of other networks. The system is highly scalable by increasing the number of various agents if needed. Centralized processing is avoided here to evade single point of failure. We created a prototype and the experiments done gave very promising results showing the effectiveness of the system. |
doi_str_mv | 10.11591/ijece.v9i6.pp4951-4960 |
format | Article |
publisher | Yogyakarta: IAES Institute of Advanced Engineering and Science |
rights | Copyright IAES Institute of Advanced Engineering and Science Dec 2019 |
fulltext | fulltext |
identifier | ISSN: 2088-8708 |
ispartof | International journal of electrical and computer engineering (Malacca, Malacca), 2019-12, Vol.9 (6), p.4951 |
issn | 2088-8708 2088-8708 |
language | eng |
recordid | cdi_proquest_journals_2391255985 |
source | EZB-FREE-00999 freely available EZB journals |
subjects | Adaptive systems ; Agents (artificial intelligence) ; Algorithms ; Computer architecture ; Intrusion detection systems ; Modules ; Monitoring |
title | An adaptive distributed Intrusion detection system architecture using multi agents |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-03T20%3A40%3A38IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=An%20adaptive%20distributed%20Intrusion%20detection%20system%20architecture%20using%20multi%20agents&rft.jtitle=International%20journal%20of%20electrical%20and%20computer%20engineering%20(Malacca,%20Malacca)&rft.au=A.%20M.,%20Riyad&rft.date=2019-12-01&rft.volume=9&rft.issue=6&rft.spage=4951&rft.pages=4951-&rft.issn=2088-8708&rft.eissn=2088-8708&rft_id=info:doi/10.11591/ijece.v9i6.pp4951-4960&rft_dat=%3Cproquest_cross%3E2391255985%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2391255985&rft_id=info:pmid/&rfr_iscdi=true |