Mobile Agent Based Cooperative Intrusion Detection System and Minimization of Malicious Packet Losses

J. Arokia Renjit, Dr. K. L. Shunmuganathan

Abstract


Networks face security attacks such as denial of service attacks and others. Firewalls and encrypted software do not provide a complete security solution for those attacks. Networks routinely drop packets when the load exceeds buffering capabilities. It is a challenge to differentiate packets lost due to congestion from packets lost due to a compromised router maliciously manipulating its stream of packets. In this paper, we propose an effective Intrusion Detection System in which a local agent collects data from its own system and classifies anomalous behaviors using an SVM classifier. The mobile agent gathers information from the local agent before it allows the system to send data. The packet loss minimization algorithm differentiates packet losses due to malicious actions based on measured traffic rates and buffer sizes. Our system identifies successful attacks from the anomalous behaviors and helps to reduce the packet losses due to malicious actions of the routers. The paper describes the architecture of the proposed system, gives a theoretical analysis of the agents' behavior, and explains possible extensions.

Keywords


IDS, Multi-Agents, Network Security, Game Theoretical Analysis

This work is licensed under a Creative Commons Attribution 3.0 License.