Distributed Intrusion Detection System based on Anticipation and Prediction Approach

Hajar Benmoussa, Anas Abou El Kalam, Abdallah Ait Ouahman

Abstract

Despite the importance and reputation of current intrusion detection systems, their efficiency and effectiveness remain limited because they rely on passive defensive approaches. In fact, when an intrusion is detected by the IDS, it has already happened on the network, and the time required to update security rules is usually short, which gives the attacker the opportunity to inflict damage that may paralyze the network. For this purpose, we suggest a new distributed intrusion detection approach that anticipates and predicts intrusions before their first occurrence in the network to be secured. Our approach is based on intelligent agents and uses honeypot technology to gather a wide range of information about attacks. Moreover, it combines the two detection strategies: the anomaly approach and the misuse approach.



Paper Citation


in Harvard Style

Benmoussa H., Abou El Kalam A. and Ait Ouahman A. (2015). Distributed Intrusion Detection System based on Anticipation and Prediction Approach. In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015), ISBN 978-989-758-117-5, pages 343-348. DOI: 10.5220/0005556803430348


in Bibtex Style

@conference{secrypt15,
author={Hajar Benmoussa and Anas Abou El Kalam and Abdallah Ait Ouahman},
title={Distributed Intrusion Detection System based on Anticipation and Prediction Approach},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={343-348},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005556803430348},
isbn={978-989-758-117-5},
}

