The architecture of mobile agent based distributed intrusion detection system (MABDIDS)

Can O., Sahingoz O. K., Kuğu E.

World Congress on Engineering, WCE 2014, London, England, 2 - 04 July 2014, vol.1, pp.432-437

  • Publication Type: Conference Paper / Full Text
  • Volume: 1
  • City: London
  • Country: England
  • Page Numbers: pp.432-437
  • Keywords: Cyber-attack, Intrusion detection, Mobile agent, Security
  • TED University Affiliated: No


An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system. In a network-based intrusion detection system, the individual packets flowing through a network are analyzed. In a host-based system, the IDS examines the activity on each individual computer or host. IDS techniques are divided into two categories: misuse detection and anomaly detection. In recent years, mobile agent based systems have emerged as an attractive paradigm; mobile agents are defined as agents that can migrate among different hosts. According to the purpose for which they were created, they can execute their tasks autonomously in distributed environments by communicating with other mobile and static agents. In this paper, we describe an architecture for intrusion detection that combines the mechanisms of both network-based and host-based IDS. The proposed approach can monitor the system by using mobile agents, which are the lowest-level elements, to collect and analyze intrusion data. This technology is intended to overcome the speed bottleneck of IDS by reducing network load.