A Proposed Multi-Agent System for Intrusion Detection System in a Complex Network

The openness of business toward telecommunication network in general and Internet in particular is performed at the prize of high security risks. Every professional knows that the only way to secure completely a private network is to make it unreachable. However, even if this solution was undertaken for many years, nowadays it is not possible to close private network especially for business purpose. Thus security management becomes an important issue that must be considered carefully. This research concentrates on one particular aspect: where the networks becomes more complex (number of machines, number of users, number of connections....), making them more vulnerable to various kinds of complex security attacks. Therefore the intrusion detection systems (IDSs) require more advanced models to deal with these requirements. Multi-agent system (MAS) is suggested to provide powerful for the modeling and development of complex systems for detecting attacks. This can be done by depending on decomposition of the system into several interacting and autonomous entities called agents. Agent is an entity functions continuously an autonomously in an environment in which other processes take place and other agents exist