Multi-Agent-Based Anomaly Intrusion Detection

ABSTRACT

Cyber security has emerged as an established discipline for computer systems and infrastructures, with a focus on protecting information stored on those systems from adversaries who want to obtain, damage, corrupt, modify, destroy, or prohibit access to it. Several information security techniques are available to protect information systems against unauthorized use, duplication, modification, destruction, and virus attacks. An Intrusion Detection System (IDS) is a program that analyzes what happens or has happened during an execution and finds indications that the computer has been misused. In this paper, we propose an effective IDS in which a local agent present in every node collects data from its own system and classifies anomalous behaviors using an SVM classifier. The local agent uses the mobile agent to gather information from the neighboring node to check its integrity before it allows the system to send data to its neighboring node. The local agent is also capable of removing the local system from the network if the system is found to be under attack, thereby providing a globally secure environment. Our system identifies successful attacks from the anomalous behaviors.
