Adaptive Agents Applied to Intrusion Detection

  • Javier Carbó
  • Agustín Orfila
  • Arturo Ribagorda
Conference paper

DOI: 10.1007/3-540-45023-8_43

Part of the Lecture Notes in Computer Science book series (LNCS, volume 2691)
Cite this paper as:
Carbó J., Orfila A., Ribagorda A. (2003) Adaptive Agents Applied to Intrusion Detection. In: Mařík V., Pěchouček M., Müller J. (eds) Multi-Agent Systems and Applications III. CEEMAS 2003. Lecture Notes in Computer Science, vol 2691. Springer, Berlin, Heidelberg

Abstract

This paper proposes a system of agents that make predictions over the presence of intrusions. Some of the agents act as predictors implementing a given Intrusion Detection model, sniffing out the same traffic. An assessment agent weights the forecasts of such predictor agents, giving a final binary conclusion using a probabilistic model. These weights are continuously adapted according to the previous performance of each predictor agent. Other agent establishes if the prediction from the assessor agent was right or not, sending him back the results. This process is continually repeated and runs without human interaction. The effectiveness of our proposal is measured with the usual method applied in Intrusion Detection domain: Receiver Operating Characteristic curves (detection rate versus false alarm rate). Results of the adaptive agents applied to intrusion detection improve ROC curves as it is shown in this paper.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Javier Carbó
    • 1
  • Agustín Orfila
    • 1
  • Arturo Ribagorda
    • 1
  1. 1.Computer Science DepartmentCarlos III University of MadridMadridSpain

Personalised recommendations