
A Snort-based Mobile Agent for a Distributed Intrusion Detection System

Imen Brahmi 1 Sadok Ben Yahia 1 Pascal Poncelet 2 
2 TATOO - Fouille de données environnementales
LIRMM - Laboratoire d'Informatique de Robotique et de Microélectronique de Montpellier
Abstract: Due to the rapid growth of network applications, new kinds of network attacks are endlessly emerging. Thus, it is of paramount importance to protect networks from attackers. Consequently, Intrusion Detection Systems (IDS) are quickly becoming a popular requirement in building a network security infrastructure. Most existing and commercial IDS are generally centralized and suffer from a number of drawbacks, e.g., high rates of false positives, low efficiency, etc., especially when they face distributed attacks. In this paper, we introduce a novel mobile agent-based intrusion detection system focusing on the misuse detection approach, called DIDMAS (Distributed Intrusion Detection using Mobile Agents and Snort). DIDMAS takes advantage of the mobile agent paradigm to implement an efficient distributed system, as well as of the integration of existing techniques, i.e., the well-known IDS SNORT. The experiments carried out showed that our proposed system presents better performance as well as good scalability compared to the well-known pioneering centralized IDS SNORT, over real traffic and a set of simulated attacks.
Document type: Conference papers
Contributor: Pascal Poncelet
Submitted on: Friday, March 22, 2019 - 10:31:55 AM
Last modification on: Friday, August 5, 2022 - 10:46:40 AM
Long-term archiving on: Sunday, June 23, 2019 - 1:26:08 PM

  • HAL Id : lirmm-00798311, version 1



Imen Brahmi, Sadok Ben Yahia, Pascal Poncelet. A Snort-based Mobile Agent for a Distributed Intrusion Detection System. SECRYPT: Security and Cryptography, Jul 2011, Seville, Spain. pp.198-207. ⟨lirmm-00798311⟩