Login | Register

Anomaly Detection Using Multi Agent Systems


Anomaly Detection Using Multi Agent Systems

Khosravifar, Sama (2018) Anomaly Detection Using Multi Agent Systems. Masters thesis, Concordia University.

[thumbnail of Khosravifar_MSc_October2018.pdf]
Text (application/pdf)
Khosravifar_MSc_October2018.pdf - Accepted Version
Restricted to Repository staff only
Available under License Spectrum Terms of Access.


Daily access to Internet, increase in number of users, and newly discovered violations of policies, have become much more frequent over the last few decades as technology advances. Learning how to recognize these new violations as well as facing these new violations are two parallel concepts. There exist approaches that detect these violations often called intrusions or anomalies. A large body of knowledge focuses on developing new algorithms for anomaly detection, determining accurate thresholds for decision making upon detection, and combining different sources of data for increased performance. In this thesis, we propose a multi-agent anomaly detection system, in which agents collaborate with each other to detect anomalies in an effective way. We use multiple agents to set a cost on communication between them, and to make the final decision based on the combined results of all agents. Unlike other approaches, since our proposed approach is flexible in terms of the number of agents, so it will not fail while using fewer agents, or some agents fail to perform.
The key elements in our approach are in using system call based datasets, deciding on the number of agents, and their methodologies, as well as the cost for communication between the agents. The final result of the system might ignore agents if they are not providing feedback that will result in higher accuracy of anomaly detection. We analyze the results by plotting a Receiver Operating Characteristic (ROC) curve and focusing on the Area Under the Curve (AUC) using different thresholds. We make the final decision based on the most suitable threshold for agents.

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Electrical and Computer Engineering
Item Type:Thesis (Masters)
Authors:Khosravifar, Sama
Institution:Concordia University
Degree Name:M.A. Sc.
Program:Electrical and Computer Engineering
Date:12 October 2018
Thesis Supervisor(s):Hamou-Lhadj, Wahab
ID Code:984628
Deposited On:27 Oct 2022 13:46
Last Modified:27 Oct 2022 13:46
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Research related to the current document (at the CORE website)
- Research related to the current document (at the CORE website)
Back to top Back to top