New collaborative intrusion detection architecture based on multi agent systems

Mohssine El Ajjouri, Siham Benhadou, Hicham Medromi
2015 2015 International Conference on Wireless Networks and Mobile Communications (WINCOM)  
One of the most serious security challenges is to learning new attacks. Thus, the concept of learning in existing IDSs used in general to learn the normal behavior of the system to secure, then the IDS does not have the ability to detect new attacks. In this paper we propose a new architecture for intrusion detection based on multi agent systems. The agents incorporate a CBR (case-based reasoning) technique which is equipped with a learning and adaptation capacity. We present also the
more » ... and description of the approach. The proposed architecture is based on a hierarchical and distributed strategy separated into three layers. We focus after on the modeling of our multi-agent systems, we use the O-MaSE (organization based multi-agents system engineering) methodology.
doi:10.1109/wincom.2015.7381338 dblp:conf/wincom/AjjouriBM15 fatcat:wfeh6z6m7rhjnpr4sn7qopkecu