Skip to Main Content
The goal of IDS is to analyze events on the network and identify attacks. The increasing number of network security related incidents makes it necessary for organizations to actively protect their sensitive data with the installation of intrusion detection systems (IDS). Detecting intrusion in distributed network from outside network segment as well as from inside is a difficult problem. Intrusion detection system must analyze a large volume of data while not placing a significant added load on the monitoring systems and networks. The deficiency of centralized intrusion detection systems leads the idea of mobile agents. In an agent based IDS idea, there is no central station, therefore no central point of failure. Agents can detect and take predefined actions against malicious activity. The system shows a superior performance compared to central sniffing IDS techniques, and saves network resources compared to other distributed IDSs that activate too many sniffers causing bottlenecks in the network. This is one of the major motivations to use the distributed model based on mobile agent platform. This paper presents survey of distributed intrusion detection system based on mobile agents. It also includes an overview of several agent based intrusion detection implementation.