Intrusion detection system using honeypots and swarm intelligence

Abstract

As the number and size of the Network and Internet traffic increase and the need for the intrusion detection grows in step to reduce the overhead required for the intrusion detection and diagnosis, it has made public servers increasingly vulnerable to unauthorized accesses and incursion of intrusions. In addition to maintaining low latency and poor performance for the client, filtering unauthorized accesses has become one of the major concerns of a server administrator. Honeypots are decoy computer resources set up for the purpose of monitoring and logging the activities of entities that probe, attack or compromise them. Activities on honeypots can be considiered suspicious by definition, as there is no point for benign users to interact with these systems. Honeypots come in many shapes and sizes; examples include dummy items in a database, low-interaction network components like preconfigured traffic sinks, or full-interaction hosts with real operating systems and services. Honeypots are easy to use, capture the required information and mainly used by the corporate companies to secure their networks from the online hackers and unauthorized users. Most honeypots are installed and configured inside the firewall programs so that they can be better controlled. In this paper, we are proposing the concept of Forward and Backward Ants (Swarm Intelligence) along with Honeypots to detect the network intrusion by following a pre-established concept of load balancer and Intrusion Detection System.