Please use this identifier to cite or link to this item:
https://ptsldigital.ukm.my/jspui/handle/123456789/513259
Title: | Multi-agent system for an adaptive real time intrusion detection system |
Authors: | Wathiq Laftah Abd-Ali Al-Yaseen (P65615) |
Supervisor: | Zulaiha Ali Othman, Assoc. Prof. Dr. |
Keywords: | Multi-agent system; Adaptive real time; Intelligent agents (Computer software) |
Issue Date: | 23-Dec-2016 |
Description: | The increased speed of network data traffic and the growing number of attacks on computer networks have created challenges for intrusion detection systems (IDS), such as long processing time, low detection rates and adaptivity to new attacks. Most research has attempted to overcome these obstacles by improving the algorithm or by improving the IDS's architectural design, either as distributed or parallel, to make an IDS faster, especially the multi-agent system (MAS) approach, which is a well-known autonomous distributed parallel solution. However, research still focuses on improving detection rates, with less focus on processing time and adaptive IDS. Various algorithms have been proposed to handle the detection rate. Among them, Support Vector Machine (SVM) and Extreme Learning Machine (ELM) have shown the best solution, with a high ability to classify known and unknown attacks with satisfactory results. However, applying SVM and ELM in an IDS causes a very long training time and consumes high system resources, especially with large training network data. Moreover, having an adaptive IDS that detects unknown attacks in real time has become a major issue in preventing further damage as early as possible. Current adaptive IDS solutions either use an algorithm that learns unknown attacks or retrain on both known and unknown attacks, which is time-consuming. Therefore, in order to achieve the aims, three objectives have been identified. Firstly, to propose a MAS for IDS which consists of five agents: manager agent, coordinator agent, resident agent, analysis agent and communication agent. Secondly, to propose an intrusion detection algorithm which consists of a multilevel hybrid SVM and ELM model with modified K-means for building high-quality training datasets. Thirdly, to propose an adaptive MAS-IDS which uses SVM to learn the unknown attacks, combined with the known attacks obtained using the previous method.
The experiments were conducted using the KDDCup’99 and NSL-KDD datasets. The experimental results show that the proposed MAS-IDS greatly reduced the processing time, by up to 81% compared with operation without MAS. The proposed intrusion detection algorithm also significantly improved the detection accuracy, up to 95.86%, compared with the state-of-the-art result of 95.7%. Furthermore, the proposed adaptive MAS-IDS is able to detect and learn unknown attacks faster, by up to 61% compared with operation without MAS. It can be concluded that the adaptive MAS-IDS has good potential for future IDS. |
Pages: | 245 |
Call Number: | QA76.76.I58Y347 2016 3 tesis |
Publisher: | UKM, Bangi |
Appears in Collections: | Faculty of Information Science and Technology / Fakulti Teknologi dan Sains Maklumat |
Files in This Item:
File | Description | Size | Format
---|---|---|---
ukmvital_96521+SOURCE1+SOURCE1.0.PDF (Restricted Access) | | 510.17 kB | Adobe PDF