AENeID: Agent Emergent Network Intrusion Detection
Computer networks continue to be the targets of numerous types of attacks, which can expose sensitive data or simply deny service to legitimate users. Current intrusion detection technologies utilize signature bases that allow them to rapidly and accurately identify known attacks. This, however, leaves them vulnerable to previously unknown attacks. An adaptive approach, capable of recognizing novel attacks, is warranted. The proposed research presents an adaptive agent-based intrusion detection sys¬tem. The approach is innovative in several respects: the agents self-organize into a scale-free peer-to-peer network, emergent behavior is facilitated by allowing simple communication between the agents, and the system is adaptive both to recognize new attacks and to the loss of agents, and can withstand the loss of up to 25% of its agents without impairing its functionality. This combination of innovations represents a significant advance in the application of artificial intelligence techniques to intrusion detection.