Distributed Intrusion Detection Systems: a Computational Intelligence Approach
نویسنده
چکیده
Computer security is defined as the protection of computing systems against threats to confidentiality, integrity, and availability. An intrusion is defined as any set of actions that attempt to compromise the integrity, confidentiality or availability of a resource. The process of monitoring the events occurring in a computer system or network and analyzing them for sign of intrusions is known as Intrusion Detection System (IDS). A Distributed IDS (DIDS) consists of several IDS over a large network (s), all of which communicate with each other, or with a central server that facilitates advanced network monitoring. In a distributed environment, DIDS are implemented using cooperative intelligent agents distributed across the network(s). This chapter presents a framework for a distributed intrusion detection system comprising of a multi-agent framework with computational intelligent techniques to reduce the data features to create lightweight detection systems and a hybrid intelligent system approach to improve the detection accuracy.
منابع مشابه
Attack Pattern Analysis Framework For Multiagent Intrusion Detection System
The paper proposes the use of attack pattern ontology and formal framework for network traffic anomalies detection within a distributed multiagent Intrusion Detection System architecture. Our framework assumes ontology-based attack definition and distributed processing scheme with exchange of communicates between agents. The role of traffic anomalies detection was presented then it has been dis...
متن کاملA Hybrid Machine Learning Method for Intrusion Detection
Data security is an important area of concern for every computer system owner. An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations. Already various techniques of artificial intelligence have been used for intrusion detection. The main challenge in this area is the running speed of the available implemen...
متن کاملOutlier Detection in Wireless Sensor Networks Using Distributed Principal Component Analysis
Detecting anomalies is an important challenge for intrusion detection and fault diagnosis in wireless sensor networks (WSNs). To address the problem of outlier detection in wireless sensor networks, in this paper we present a PCA-based centralized approach and a DPCA-based distributed energy-efficient approach for detecting outliers in sensed data in a WSN. The outliers in sensed data can be ca...
متن کاملAnomaly Network Intrusion Detection Based on Improved Self Adaptive Bayesian Algorithm
Recently, research on intrusion detection in computer systems has received much attention to the computational intelligence society. Many intelligence learning algorithms applied to the huge volume of complex and dynamic dataset for the construction of efficient intrusion detection systems (IDSs). Despite of many advances that have been achieved in existing IDSs, there are still some difficulti...
متن کاملAn Efficient Model for Network Intrusion Detection System based on an Evolutionary Computational Intelligence Approach
Intrusion Detection systems are increasingly a key part of system defence. Various approaches to Intrusion Detection are currently being used but false alarm rate is higher in those approaches. Network Intrusion Detection involves differentiating the attacks like DOS, U2L, R2L and Probe from the Normal user on the internet. Due to the variety of network behaviors and the rapid development of at...
متن کامل