A Multi-Agent-Based System for Intrusion Detection | SpringerLink https://link.springer.com/chapter/10.1007%2F978-981-16-2994-5_15

A Multi-Agent-Based System for Intrusion Detection

Agents and Multi-Agent Systems: Technologies and Applications 2021 pp 177-191
Conference paper
First Online: 08 June 2021

236 Downloads

Part of the Smart Innovation, Systems and Technologies book series (SIST, volume 241)

Abstract

Nowadays, with the immense amount of data circulating every second,
cybersecurity concerns are also growing. In recent years, cybersecurity
intrusion detection has become a very difficult research area in communication
networks and big data. Hence, traditional intrusion detection systems (IDSs)
cannot respond to the new security challenges. Therefore, IDSs require an
effective and improved detection mechanism capable of detecting distributed
intrusive activities and serious threats to network security. In this paper, we
propose a Multi-Agent System (MAS), which is very suitable for IDSs as
it meets the features required by networks and Big Data issues, through
cooperation, autonomy, and proactivity between agents to ensure the effective
detection of intrusions without the intervention of an expert. Moreover, some
experiments were conducted to evaluate the performance of our model in a
Microsoft Azure Cloud, as it provides both processing power and storage
capabilities, using Apache Spark and its Machine Learning Library (MLlib) to
detect intrusions. A Random Forest algorithm is used to provide for the nature
of the incoming data. Also, the use of the recent CSE-CIC-IDS2018 dataset
gives a better perspective on the system's abilities against cyber-attacks. The
results show that the proposed solution is much more accurate than traditional
intrusion detection systems.

Keywords
Intrusion detection · Multi-agent system · Machine learning · Apache Spark ·
Microsoft Azure · Random Forest


Copyright information

© The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd. 2021

About this paper

Cite this paper as:

Tesnim Y., Farah J. (2021) A Multi-Agent-Based System for Intrusion Detection. In: Jezic G., Chen-Burger J.,
Kusek M., Sperka R., Howlett R.J., Jain L.C. (eds) Agents and Multi-Agent Systems: Technologies and
Applications 2021. Smart Innovation, Systems and Technologies, vol 241. Springer, Singapore.
https://doi.org/10.1007/978-981-16-2994-5_15

First Online
08 June 2021

DOI
https://doi.org/10.1007/978-981-16-2994-5_15

Publisher Name
Springer, Singapore

Print ISBN
978-981-16-2993-8

Online ISBN
978-981-16-2994-5

eBook Packages
Intelligent Technologies and Robotics
Intelligent Technologies and Robotics (R0)
