The detection of attacks against computer networks is becoming a harder problem to solve in the field of network security. The dexterity of the attackers, the developing technologies and the enormous growth of internet traffic have made it difficult for any existing intrusion detection system to offer a reliable service. However, a close examination of the problem shows that there usually exists a behavioral pattern in the attacks that can be learned and can be used to detect intrusions more effectively. Thus, there is a requirement for a system with learning and adapting capabilities for optimal performance. This paper discusses the design of a Learning Intrusion Detection System (LIDS) that includes a blackboard-based architecture with autonomous agents. It has the capability for online learning, which may result in better performance than present systems. This feature enables the system to adapt to changes in the network environment as it assimilates more network data.
Published Date: May 2003
Registration: ISBN 978-1-57735-177-1
Copyright: Published by The AAAI Press, Menlo Park, California.