A New Distributed Intrusion Detection Method Based on Immune Mobile Agent

Intrusion detection system based on mobile agent has overcome the speed-bottleneck problem and reduced network load. Because of the low detecting speed and high false positive rate of traditional intrusion detection system, we have construct an immune agent by combining immune system with mobile agent. In the distributed intrusion detection systems, the data is collected mostly using distributed component to collect data sent for processing center. Data is analyzed in the processing center. this models have the following problems: bad real time capability, bottleneck, and single point of failure. In order to overcome these shortcomings, a new distributed intrusion detection method based on mobile agent is proposed in this paper, by using the intelligent and mobile characteristics of the agent. Analysis shows that the network load can be reduced and the real time capability of the system can be improved with the new method. The system is also robust and fault-tolerant. For mobile agent only can improve the structure of system, dynamic colonel selection algorithm is adopted for reducing false positive rate. The simulation results on KDD99 data set have proved that the new method has low false positive rate and high detection rate.