Towards a Multiagent-Based Distributed Intrusion Detection System Using Data Mining Approaches

Abstract : The system that monitors the events occurring in a computer system or a network and analyzes the events for sign of intrusions is known as Intrusion Detection System (IDS). The IDS need to be accurate, adaptive, and extensible. Although many established techniques and commercial products exist, their effectiveness leaves room for improvement. A great deal of research has been carried out on intrusion detec- tion in a distributed environment to palliate the drawbacks of centralized approaches. However, distributed IDS suffer from a number of drawbacks e.g., high rates of false positives, low efficiency, etc. In this paper, we propose a distributed IDS that integrates the desirable features provided by the multi-agent methodology with the high accuracy of data mining techniques. The proposed system relies on a set of intelligent agents that collect and analyze the network connections, and data mining techniques are shown to be useful to detect the intrusions. Carried out experiments showed superior performance of our distributed IDS compared to the centralized one.
Document type :
Conference papers
Complete list of metadatas

Cited literature [51 references]  Display  Hide  Download

https://hal-lirmm.ccsd.cnrs.fr/lirmm-00798316
Contributor : Pascal Poncelet <>
Submitted on : Thursday, March 21, 2019 - 7:32:42 PM
Last modification on : Thursday, March 21, 2019 - 7:49:54 PM
Long-term archiving on : Saturday, June 22, 2019 - 4:16:01 PM

File

ADMI.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

Imen Brahmi, Sadok Ben Yahia, Hamed Aouadi, Pascal Poncelet. Towards a Multiagent-Based Distributed Intrusion Detection System Using Data Mining Approaches. ADMI: Agents and Data Mining Interaction, 2011, Taipei, Taiwan. pp.173-194, ⟨10.1007/978-3-642-27609-5_12⟩. ⟨lirmm-00798316⟩

Share

Metrics

Record views

563

Files downloads

55