A multiagent-based intrusion detection system with the support of multi-class supervised classification

Mei Ling Shyu, Varsha Sainani

Research output: Chapter in Book/Report/Conference proceeding (Chapter)

8 Scopus citations

Abstract

The increasing number of network-security-related incidents has made it necessary for organizations to actively protect their sensitive data with network intrusion detection systems (IDSs). IDSs are expected to analyze a large volume of data without placing a significant added load on the monitoring systems and networks. This requires good data mining strategies that take less time and give accurate results. In this study, a novel data mining assisted multiagent-based intrusion detection system (DMAS-IDS) is proposed, particularly with the support of multiclass supervised classification. These agents can detect and take predefined actions against malicious activities, and data mining techniques can help detect them. Our proposed DMAS-IDS shows superior performance compared to central sniffing IDS techniques, and saves network resources compared to other distributed IDSs with mobile agents, which activate too many sniffers and cause bottlenecks in the network. This is one of the major motivations for using a distributed model based on a multiagent platform along with a supervised classification technique.

Original language: English (US)
Title of host publication: Data Mining and Multi-Agent Integration
Publisher: Springer US
Pages: 127-142
Number of pages: 16
ISBN (Print): 9781441905215
State: Published - Dec 1 2009


ASJC Scopus subject areas

  • Computer Science (all)
