Agent Based Intrusion Detection System to Find Layers Attacks

The development and advancement in communication technology and its related techniques, users have experienced the joy of the fast information technology era. Advancements in thin devices such as smart phone like windows phone or Google Android phones has a key factor to glue on network access service. The most amazing fact is that conventional TCP/IP model has driven all the services to the end user with some valuable enrichment on it. The key metrics play an important role to keep the information intact-Confidentiality, Integrity and Availability (CIA). Intrusion detection system prevents unauthorized access of computer without giving permission and detection helps to us to determine whether or not someone attempted to break into our system. In this paper we present an enhanced Agent Based [1-2] security model to discover unknown attacks or intrusion. Proposed system works in dual mode, network and host. In network model the real time traffic behavior (flows /attribute) has captured from the network while in host mode the user logs and user activity has been checked and monitored from. Attributes collected from both the mode, i.e. Network as well as host traffic with respect to the time as well as acknowledgment of protocol. In Proposed "Agent Based Intrusion Detection System" (ABIDS) has designed five types of agents to shield from both side (Host and Network). Agents are works in distributed manner to and communicate with each other to check the abnormality (suspicious) of the incoming traffic or logs via ACL.