Agent Based Intrusion Detection System: A computational biology approach

This paper is focused on Network and Agent Based Intrusion Detection Systems. This paper includes an overview of several IDS implementations. Many approaches based on Hidden Markov Models and various forms of Finite State Automata have been proposed to solve problem of detecting anomaly intrusion, a security attack in which an intruder assumes the identity of a legitimate user. It is proposed to give a general framework for IDS based on the application of techniques used in bioinformatics and agent technology. Our approach is focused on the application of techniques used in bioinformatics for a pairwise sequence alignment and multiple sequence alignment to compare the monitored session with past user behavior. To achieve low false positive rate in this framework the intrusion can be detected by means of comparing the signature of the current user's session with already existing signatures of the potential intruder. The algorithms of computational biology such as approximation algorithm and Carillo-Lippman heuristic algorithm and sum-of-pairs scoring function are used to measure similarity between a sequence of commands produced by a potential intruder, the user signature and past intruder's signatures. Finally in this research work computational bioinformatics techniques and agent technology are used to offer security in host and network to yield a promising combination of intrusion detection rate and false positive rate.