A Multiagent-based Intrusion Detection System with the Support of Multi-Class Supervised Classification

  • Chapter
Data Mining and Multi-agent Integration

Abstract

The increasing number of network security incidents has made it necessary for organizations to actively protect their sensitive data with network intrusion detection systems (IDSs). IDSs are expected to analyze a large volume of data without placing a significant additional load on the monitoring systems and networks. This requires good data mining strategies that take less time and give accurate results. In this study, a novel data mining assisted multiagent-based intrusion detection system (DMAS-IDS) is proposed, particularly with the support of multiclass supervised classification. The agents can detect malicious activities and take predefined actions against them, and data mining techniques help with the detection. Our proposed DMAS-IDS shows superior performance compared to central sniffing IDS techniques, and saves network resources compared to other distributed IDSs with mobile agents that activate too many sniffers, causing bottlenecks in the network. This is one of the major motivations for using a distributed model based on a multiagent platform along with a supervised classification technique.



Author information

Corresponding author

Correspondence to Mei-Ling Shyu.

Copyright information

© 2009 Springer Science+Business Media, LLC

About this chapter

Cite this chapter

Shyu, ML., Sainani, V. (2009). A Multiagent-based Intrusion Detection System with the Support of Multi-Class Supervised Classification. In: Cao, L. (eds) Data Mining and Multi-agent Integration. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-0522-2_8

  • DOI: https://doi.org/10.1007/978-1-4419-0522-2_8

  • Publisher Name: Springer, Boston, MA

  • Print ISBN: 978-1-4419-0521-5

  • Online ISBN: 978-1-4419-0522-2

  • eBook Packages: Computer Science, Computer Science (R0)
