ACO based Distributed Intrusion Detection System

Intrusion detection is a problem of great significance to protecting information systems security. An intruder may move between multiple nodes in the network to conceal the origin of attack. Distributed intrusion detection and prevention plays an increasingly important role in securing computer networks. To overcome the limitations of conventional intrusion detection systems, alerts are made in distributed intrusion detection system which are exchanged and correlated in a cooperative fashion. It is necessary to develop fast machine learning based intrusion detection algorithms with high detection rates and low false alarm rates, due to the variety of network behaviors and the rapid development of attack fashions. The system has to observe to trigger thousands of alerts per day, in which most are mistakenly triggered by the false identification. So it is difficult for the analyst to correctly identify alerts related to the attack. This paper presents an intelligent learning approach using Ant Colony Optimization (ACO) based distributed intrusion detection system to detect intrusions in the distributed network. The experimental results on the proposed system with the feature extraction algorithm is effective to detect the unseen intrusion attacks with high detection rate and recognize normal network traffic with low false alarm rate.