NETWORK INTRUSIONS DETECTION AND PREVENTION METHOD USING A TEAM OF INTELLIGENT AGENTS
Aleksei A. Sychugov1*, Vasiliy Yu. Meltsov2, Alexey S. Kuvaev3, Vyacheslav M. Grishin4
1Department of Information Security, Tula State University, 92 Lenin Ave., Tula, Russian Federation
2,3Department of Electronic Computing Machines, Vyatka State University, 36 Moskovskaya Str., Kirov, Russian Federation
4Department No. 604 “System Analysis and Management”, Moscow Aviation Institute, 4 Volokolamskoe shosse, Moscow, Russian Federation
*Corresponding Author Email: [email protected]
This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
An intrusion is defined to be a violation of the security policy of the system; intrusion detection thus refers to the mechanisms that are developed to detect violations of system security policy. Intrusion detection is based on the assumption that intrusive activities are noticeably different from normal system activities and thus detectable. Also, there is a specific set of characteristics that can serve as a sign of anomalies caused by unauthorized intrusions. The authors introduced a multi-agent system for network attack detection with the help of the detecting of computer network malfunctions, caused by an unauthorized intrusion into the network. The study has showed that the proposed system can be applied to detect anomalies in real-time mode, which is the major advantage of the proposed system.