Intrusion detection systems were used in the past along with various techniques to detect intrusions in networks effectively. However, most of these systems are able to detect intruders only with a high false alarm rate. In this paper, we propose a new intelligent agent-based intrusion detection model for mobile ad hoc networks using a combination of attribute selection, outlier detection, and enhanced multiclass SVM classification methods. For this purpose, an effective preprocessing technique is proposed that improves the detection accuracy and reduces the processing time. Moreover, two new algorithms, namely, an Intelligent Agent Weighted Distance Outlier Detection algorithm and an Intelligent Agent-based Enhanced Multiclass Support Vector Machine algorithm, are proposed for detecting the intruders in a distributed database environment that uses intelligent agents for trust management and coordination in transaction processing. The experimental results of the proposed model show that this system detects anomalies with a low false alarm rate and a high detection rate when tested with the KDD Cup 99 data set.

1. Introduction

Mobile ad hoc networks (MANETs) consist of mobile nodes that work independently without an infrastructure. They are useful in application areas like disaster management, emergency, and rescue operations where it is not possible to have a well-defined infrastructure. MANETs are characterized by their great flexibility. However, their inherent vulnerability increases their security risks. Though MANETs are dynamic and cooperative in nature, they need efficient and effective security mechanisms to safeguard the mobile nodes. Intrusion detection and prevention are primary mechanisms to reduce possible intrusions. Intrusion detection using classification algorithms effectively discriminates “normal” behavior from “abnormal” behavior.
Therefore, an intrusion detection and prevention system can be used as a secondary mechanism of defense in any wireless environment and mobile databases so that it can be a part of the reliable communication in MANETs [1]. Intrusion detection systems (IDS) play a major role in providing security to networks. In this paper, we introduce a new intelligent agent-based intrusion detection model for securing mobile ad hoc networks. The main function of the proposed intrusion detection system is to monitor the computer system and network in order to find intrusion activities in the system. In such a system, attacks are divided into two categories, namely, host-based attacks and network-based attacks. Hence, IDSs are also
References
[1] S. Ganapathy, N. Jaisankar, P. Yogesh, and A. Kannan, “An intelligent intrusion detection system using outlier detection and multiclass SVM,” International Journal on Recent Trends in Engineering & Technology, vol. 05, no. 01, 2011.
[2] I. M. Hegazy, T. Al-Arif, Z. T. Fayed, and H. M. Faheem, “A multi-agent based system for intrusion detection,” IEEE Potentials, vol. 22, no. 4, pp. 28–31, 2003.
[3] J. S. Balasubramaniyan, J. O. Garcia-Fernandez, D. Isacoff, E. Spafford, and D. Zamboni, “An architecture for intrusion detection using autonomous agents,” in Proceedings of 14th Annual Conference on Computer Security Applications, pp. 13–24, Phoenix, Ariz, USA, 1998.
[4] F. Angiulli, S. Basta, and C. Pizzuti, “Distance-based detection and prediction of outliers,” IEEE Transactions on Knowledge and Data Engineering, vol. 18, no. 2, pp. 145–160, 2006.
[5] S. Ganapathy, P. Yogesh, and A. Kannan, “An intelligent intrusion detection system for mobile ad-hoc networks using classification techniques,” Communications in Computer and Information Science, vol. 148, pp. 117–122, 2011.
[6] S. Ganapathy, N. Jaisankar, P. Yogesh, and A. Kannan, “An intelligent system for intrusion detection using outlier detection,” in Proceedings of the IEEE-International Conference on Recent Trends in Information Technology, pp. 119–123, 2011.
[7] A. A. Bakar, Z. A. Othman, A. R. Hamdan, R. Yusof, and R. Ismail, “An agent based rough classifier for data mining,” in Proceedings of the 8th International Conference on Intelligent Systems Design and Applications (ISDA'08), pp. 145–151, Kaohsiung City, Taiwan, November 2008.
[8] J. Tweedale, A. Quteishat, C. Peng Lim, and L. C. Jain, “A neural network-based multi-agent classifier system,” Neurocomputing, vol. 72, no. 7–9, pp. 1639–1647, 2009.
[9] J. S. Wang and J. C. Chiang, “A cluster validity measure with outlier detection for support vector clustering,” IEEE Transactions on Systems, Man, and Cybernetics B, vol. 38, no. 1, pp. 78–89, 2008.
[10] S. A. Mulay, P. R. Devale, and G. V. Garje, “Intrusion detection system using support vector machine and decision tree,” International Journal of Computer Applications, vol. 3, no. 3, pp. 0975–8887, 2010.
[11] S. Mukkamala and A. H. Sung, “Detecting denial of service attacks using support vector machines,” in Proceedings of the IEEE International conference on Fuzzy Systems, pp. 1231–1236, May 2003.
[12] D. M. Farid, J. Darmont, N. Harbi, N. H. Hoa, and M. Z. Rahman, “Adaptive network intrusion detection learning: attribute selection and classification,” Proceedings of World Academy of Science, Engineering and Technology, vol. 60, pp. 154–158, 2009.
[13] C. Yang, H. Ge, G. Yao, and L. Ma, “Quick complete attribute reduction algorithm,” in Proceedings of the 6th International Conference on Fuzzy Systems and Knowledge Discovery (FSKD'09), pp. 576–580, Tianjin, China, August 2009.
[14] S. Teng, J. Wu, J. Sun, S. Zhou, and G. Liu, “An efficient attribute reduction algorithm,” in Proceedings of the IEEE International Conference on Advanced Computer Control (ICACC'10), pp. 471–475, March 2010.
[15] W. Wang, X. Zhang, S. Gombault, and S. J. Knapskog, “Attribute normalization in network intrusion detection,” in Proceedings of the 10th International Symposium on Pervasive Systems, Algorithms, and Networks (I-SPAN'09), pp. 448–453, IEEE, Kaohsiung City, Taiwan, December 2009.
[16] F. Abdel-Fattah, Z. M. Dahalin, and S. Jusoh, “Dynamic intrusion detection method for mobile AdHoc networks using CPDOD algorithm,” International Journal of Computer Applications, vol. 12, no. 5, pp. 22–29, 2010, IJCA Special Issues on Mobile Ad-hoc Networks MANETs.
[17] M. Teng, “Anomaly detection on time series,” in Proceedings of the 1st IEEE International Conference on Progress in Informatics and Computing (PIC'10), vol. 1, pp. 603–608, Shanghai, China, December 2010.
[18] “KDD Cup 1999,” October 2007, http://kdd.ics.uci.edu/databases/kddcup99/kddcup99.html.