Go top
Conference paper information

IDSAI: A Distributed System for Intrusion Detection Based on Intelligent Agents

M.A. Sanz-Bobi, M. Castro, J. Santos

This paper describes an intelligent system for automatic detection of intrusions in computer networks. Its architecture is based on a multi-agent system in which several types of agents cooperate together to perform a fast and reliable detection of intrusions. Some agents are in charge of monitoring the traffic of the communication network using as core the well-known SNORT system fitted with different parameters for each monitoring agent. Other agents are responsible for the intelligent processing and interpretation of the information collected using knowledge rules. Finally, another type of agents is in charge of the compilation and integration of diagnoses issued by other agents and solving possible conflicts. The cooperation of all these agents will configure a more reliable and robust detection system than similar existing systems not using this type of architecture. This paper describes the IDSAI architecture, the agent roles and the main features of the application developed for network traffic surveillance.


Keywords: Intrusion detection; Communication network; Multi-agent system; Fuzzy logic; Knowledge rules; SNORT

Fifth International Conference on Internet Monitoring and Protection - ICIMP 2010. Barcelona, Spain. 9-15 May 2010

DOI: DOI icon 10.1109/ICIMP.2010.8    

Published: May 2010.


    Research topics:
  • *Forecasting and data mining

IIT-10-013A

Request Request the author to send the document



Aviso legal  |  Política de cookies |  Poítica de Privacidad

© Universidad Pontificia Comillas, Escuela Técnica Superior de Ingeniería - ICAI, Instituto de Investigación Tecnológica

Calle de Santa Cruz de Marcenado, 26 - 28015 Madrid, España - Tel: (+34) 91 5422 800