Universiti Teknologi Malaysia Institutional Repository

A systematic state-of-the-art analysis of multi-agent intrusion detection

Saeed, I. A. and Selamat, A. and Rohani, M. F. and Krejcar, O. and Chaudhry, J. A. (2020) A systematic state-of-the-art analysis of multi-agent intrusion detection. IEEE Access, 8. 180184-180209. ISSN 2169-3536

Full text not available from this repository.

Official URL: http://dx.doi.org/10.1109/ACCESS.2020.3027463

Abstract

Multi-agent architectures have been successful in attaining considerable attention among computer security researchers. This is because of their demonstrated capabilities such as autonomy, embedded intelligence, learning and self-growing knowledge-base, high scalability, fault tolerance, and automatic parallelism. These characteristics have made this technology a de facto standard for developing ambient security systems to meet the open and dynamic nature of today's online communities. Although multi-agent architectures are increasingly studied in the area of computer security, there is still not enough empirical evidence on their performance in intrusion and attack detection. The aim of this paper is to report the systematic literature review conducted in the context of specific research questions, to investigate multi-agent IDS architectures to highlight the issues that affect their performance in terms of detection accuracy and response time. We used pertinent keywords and terms to search and retrieve the most recent research studies on multi-agent IDS architectures from the major research databases and digital libraries such as SCOPUS, Springer, and IEEE Xplore. The search processes resulted in a number of studies; among them, there were journal articles, book chapters, conference papers, dissertations, and theses. The obtained studies were assessed and filtered, and finally, there were over 71 studies chosen to answer the research questions. The results of this study have shown that multi-agent architectures include several advantages that can help in the development of ambient IDS. However, it has been found that there are several issues in the current multi-agent IDS architectures that may degrade the accuracy and response time of intrusion and attack detection. Based on our findings, the issues of multi-agent IDS architectures include limitations in the techniques, mechanisms, and schemes used for multi-agent IDS adaptation and learning, load balancing, scalability, fault-tolerance, and high communication overhead. It has also been found that new measurement metrics are required for evaluating multi-agent IDS architectures.

Item Type: Article
Uncontrolled Keywords: attacks, cyberphysical system, IDS architectures
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: Computing
ID Code: 93423
Deposited By: Narimah Nawil
Deposited On: 30 Nov 2021 08:21
Last Modified: 30 Nov 2021 08:21
