Survival Architecture for Distributed Intrusion Detection System (dIDS) using Mobile Agent.

Abstract

The attacking of the infrastructure of the computer network is seems to be one of the major problems. The increasing number of the Internet user all over the world comes with the risk that occurs from many network threats. One of the major tools for protecting the network attacking is the intrusion detection system (IDS), which make the system being the first target that will be attacked by the intruder. As we cannot avoid them, the problem is when there is an attack, how does the intrusion detection system survived. In this research, we show the restriction of the present intrusion detection system architecture and propose the new architecture that can handle the attack via the network and survive from it, using the mobile agent technology with the network topology design that hides the main resource of the network behind the intrusion detection system which separates network resource into segments and installs the monitored host onto each of network segment for robustness from all pattern of the attacking. The design avoid the single point of failure, shadow agent, together with proxy agent, fast backup and recovery mechanism, multicast group and the encryption of the communication between all the IDS for the network security.