A distributed agent-based approach to intrusion detection using the lightweight PCC anomaly detection classifier

In this paper, a novel agent-based distributed intrusion detection system (IDS) is proposed, which integrates the desirable features provided by the distributed agent-based design methodology with the high accuracy and speed response of the principal component classifier (PCC). Experimental results have shown that the PCC lightweight anomaly detection classifier outperforms other existing anomaly detection algorithms such as the KNN and LOF classifiers. In order to assess the performance of the PCC classifier on a real network environment, the relative assumption model together with feature extraction techniques are used to generate normal and anomalous traffic in a LAN testbed. Finally, scalability and response performance of the proposed system are investigated through the simulation of the proposed communication architecture. The simulation results demonstrate a satisfactory linear relationship between the degradation of response performance and the scalability of the system