Multi-Agent Heterogeneous Intrusion Detection System

Multi-agent heterogeneous intrusion detection system (MAHIDS) is a prototype proposed to detect untrusted and unusual network behaviour. The main contribution of the system is the integration of several anomaly detection techniques and machinery of multi-agent temporal logic with hybrid argumentation. Every detection technique is represented by featuring a specific detection autonomous agent. In this stage, every agent determines the flow trustfulness from aggregated connection. The anomalies are used as an input for machinery of multiagent temporal logic which is represented by the logical agent. The logical agent is one of the system’s advantages because it has huge capabilities for making a right decision about intrusions from detected anomalies. Another significant advantage of M-AHIDS is a new innovative agent – Web agent. The Web agent is capable to detect trusted host from his activity on web pages. The system M-AHIDS is based on traffic statistics in sFlow format acquired by network device with sFlow agent and is able to perform a real-time surveillance of the 10 Gb networks.