Abstract
An intrusion detection system (IDS) has become an essential component of a computer security scheme as the number of security-breaking attempts originating inside organizations is increasing steadily. The idea of filtering the traffic at the "entrance door" (by firewalls, for instance) is not completely successful since it does not allow monitoring of local traffic. This paper presents a lightweight and adaptive mobile agent-based intrusion detection system (LAMAIDS) that detects intrusions from outside the network as well as from inside. A main machine, being a typical intrusion detection system residing at a secure location, creates mobile IDS agents and dispatches them into the network. The mobile IDS agents are equipped with lightweight IDS capabilities and decision-making. On each hop, the agents sniff the network traffic and look for abnormal activities using a set of rules supplied by the main machine. Simulation results based on real-world scenarios demonstrate significant improvements in terms of detection rate, network overhead, adaptability, scalability, and fault tolerance.
Original language | English (US) |
---|---|
Pages (from-to) | 145-157 |
Number of pages | 13 |
Journal | International Journal of Network Security |
Volume | 6 |
Issue number | 2 |
State | Published - 2008 |
Keywords
- Defense systems
- Distributed systems
- Intrusion detection systems
- Mobile agents
ASJC Scopus subject areas
- Computer Networks and Communications