A distributed agent-based approach to intrusion detection using the lightweight PCC anomaly detection classifier

Zongxing Xie, Thiago Quirino, Mei-Ling Shyu, Shu Ching Chen, LiWu Chang

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

10 Citations (Scopus)

Abstract

In this paper, a novel agent-based distributed intrusion detection system (IDS) is proposed, which integrates the desirable features provided by the distributed agent-based design methodology with the high accuracy and speed response of the Principal Component Classifier (PCC). Experimental results have shown that the PCC lightweight anomaly detection classifier outperforms other existing anomaly detection algorithms such as the KNN and LOF classifiers. In order to assess the performance of the PCC classifier on a real network environment, the Relative Assumption Model together with feature extraction techniques are used to generate normal and anomalous traffic in a LAN testbed. Finally, scalability and response performance of the proposed system are investigated through the simulation of the proposed communication architecture. The simulation results demonstrate a satisfactory linear relationship between the degradation of response performance and the scalability of the system.

Original language: English
Title of host publication: Proceedings - IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing
Pages: 446-453
Number of pages: 8
Volume: 2006 II
DOIs: https://doi.org/10.1109/SUTC.2006.1636211
State: Published - Dec 15 2006
Event: IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing - Taichung, Taiwan, Province of China
Duration: Jun 5 2006 → Jun 7 2006

Other

Other: IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing
Country: Taiwan, Province of China
City: Taichung
Period: 6/5/06 → 6/7/06

Fingerprint

Intrusion detection
Classifiers
Scalability
Testbeds
Local area networks
Feature extraction
Degradation
Communication

ASJC Scopus subject areas

  • Engineering(all)

Cite this

Xie, Z., Quirino, T., Shyu, M-L., Chen, S. C., & Chang, L. (2006). A distributed agent-based approach to intrusion detection using the lightweight PCC anomaly detection classifier. In Proceedings - IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (Vol. 2006 II, pp. 446-453). [1636211] https://doi.org/10.1109/SUTC.2006.1636211

@inproceedings{71edb99cf6994933ade06390ce61e111,
title = "A distributed agent-based approach to intrusion detection using the lightweight PCC anomaly detection classifier",
abstract = "In this paper, a novel agent-based distributed intrusion detection system (IDS) is proposed, which integrates the desirable features provided by the distributed agent-based design methodology with the high accuracy and speed response of the Principal Component Classifier (PCC). Experimental results have shown that the PCC lightweight anomaly detection classifier outperforms other existing anomaly detection algorithms such as the KNN and LOF classifiers. In order to assess the performance of the PCC classifier on a real network environment, the Relative Assumption Model together with feature extraction techniques are used to generate normal and anomalous traffic in a LAN testbed. Finally, scalability and response performance of the proposed system are investigated through the simulation of the proposed communication architecture. The simulation results demonstrate a satisfactory linear relationship between the degradation of response performance and the scalability of the system.",
author = "Zongxing Xie and Thiago Quirino and Mei-Ling Shyu and Chen, {Shu Ching} and LiWu Chang",
year = "2006",
month = "12",
day = "15",
doi = "10.1109/SUTC.2006.1636211",
language = "English",
isbn = "0769525539",
volume = "2006 II",
pages = "446--453",
booktitle = "Proceedings - IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing",

}

TY - GEN

T1 - A distributed agent-based approach to intrusion detection using the lightweight PCC anomaly detection classifier

AU - Xie, Zongxing

AU - Quirino, Thiago

AU - Shyu, Mei-Ling

AU - Chen, Shu Ching

AU - Chang, LiWu

PY - 2006/12/15

Y1 - 2006/12/15

UR - http://www.scopus.com/inward/record.url?scp=33845409757&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=33845409757&partnerID=8YFLogxK

U2 - 10.1109/SUTC.2006.1636211

DO - 10.1109/SUTC.2006.1636211

M3 - Conference contribution

SN - 0769525539

SN - 9780769525532

VL - 2006 II

SP - 446

EP - 453

BT - Proceedings - IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing

ER -