Date of Award
Spring 2003
Rights
Access perpetually restricted to EWU users with an active EWU NetID
Document Type
Thesis: EWU Only
Degree Name
Master of Science (MS) in Computer Science
Department
Computer Science
Abstract
Demand for intrusion detection systems (IDSs) has increased significantly due to the exponential increase of malignant activities and the shortage of trained network administrators. It is mandatory that an IDS aid network administrators in responding quickly to security threats in order to prevent or minimize damage to computer networks. Conventionally, knowledge-based or rule-based approaches are dominantly used for intrusion detection tasks. Knowledge construction, especially for probabilistic knowledge, usually requires a large collection of significant representative samples. However, this is not always feasible due to the complex structures of input spaces of intrusive activities (this is the cause of the "base-fallacy problem"). This is further complicated by the accelerated rate of appearance of new malicious activities. Reviewing the taxonomy of detection approaches (anomaly and signature-based), various sensors (host-based and network-based), and system architecture (stand-alone and distributed), we believe that the ideal IDS should be distributed, intelligent (i.e. perceptual and adaptive) and heterogeneous. Consequently, artificial intelligence approaches are taken within the application domain of intrusion detection in general. In particular, a multi-agent system distributed over a computer network consisting of agents with various behaviors is studied. We also consider soft computing approaches due to their ability to handle perceptual information. The results from these agents are aggregated as a group decision. This provides fewer false-positives and improved classification compared to many IDSs that use a single detection method.
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Recommended Citation
Miller, Patrick, "Intrusion detection, intelligent agents, and soft computing" (2003). EWU Masters Thesis Collection. 828.
https://dc.ewu.edu/theses/828