By Topic

A Multi-agent-based Approach to Improve Intrusion Detection Systems False Alarm Ratio by Using Honeypot

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Babak Khosravifar ; Dept. Comp. Eng., Concordia Univ., Montreal, QC ; Maziar Gomrokchi ; Jamal Bentahar

In this paper we propose a new architecture, which is composed of distributed cooperative agents to reduce the false alarm ratio of the intrusion detection systems (IDS) in a twofold contribution. The first contribution lies in reducing the false alarm rate of the attack detection in an agent-based architecture by using honeypot network as the closer level of investigation. The connection is retrieved to the original destination in case of false alarm recognition, while the actions are hidden to the user. Such a scheme significantly decreases the alarm rate and provides a higher performance of IDS. The second contribution applies the game theoretic analysis in the sense that the contributing agents are led to perform the best they could in order to achieve their goals. The Shaply value is computed to find the actual contribution of each agent in the coalition he belongs to. The equilibrium point is found and consequently the winner coalition is formed. In this paper the architecture of the proposed system is described, a theoretical analysis of agents' behavior is given and its possible extensions are explained.

Published in:

Advanced Information Networking and Applications Workshops, 2009. WAINA '09. International Conference on

Date of Conference:

26-29 May 2009