Multi-level and Secured Agent-based Intrusion detection system

Abstract

Since Intrusion Detection System (IDS) has become necessary security tool for detecting attacks on computer network and resources, it is essential to improve previous designs. Recently many mobile agent-based IDSs have been designed, but there are still some drawbacks. Some of these drawbacks are lowdetection efficiency, high false alarm rate and agent security. A multi-level and secured IDS architecture based on mobile agent is presented in this work to correct these drawbacks. In order to make the design more efficient, the architecture is improved in such a way that intrusion detection at the lower level and the confirmation of intrusion detected take place at the upper level. The design also incorporates data mining strategy in the identification of intrusive actions. Implementing the new design using JAVA shows a better performance than previous designs.