Intrusion Detection System based on the optimal ant colony routing algorithm

Intrusion Detection System based on the optimal ant colony routing algorithm

Table of Contents


Intrusion Detection System based on the ant colony routing algorithm is used to reduce judgment and misdiagnosis and increase the immediate response in existing intrusion detection techniques. With the breakdown of a broad-spectrum intrusion detection system into independent diagnostic departments with unique performance, we will see a significant increase in data processing volume and complexity of diagnostic signature selection, which are two key factors influencing the effectiveness of existing intrusion detection techniques. “They will be reduced.” Also, using the information obtained from each of the independent sections of the detection, a complex infiltration can be identified throughout the Intrusion detection system. To run a default system, key information such as network tracking, system call detection and detection, and data collection and sharing must be considered. The ant colony algorithm is used to find the optimal path for the exchange of common information between different parts of the diagnosis. The algorithm uses three phases of path detection, path retention, and error detection to find this path. It should be noted that in large and dynamic networks, there is a possibility of birth or removal of the path. The optimal path detected by the ant algorithm in such dynamic networks does not have an initial optimization over time. In the error detection phase, the algorithm must be optimized to ensure optimization at no extra cost. In this paper, this possibility has been investigated and an attempt has been made to maintain the direction of the path by presenting a mathematical model.


Intrusion, Detection, Intrusion Detection, ant colony, the routing algorithm


Over the past decade, the Internet has shifted from a fledgling computer network to a multi-million dollar industry, and information security for users has become a real “big concern.” They see it as a good opportunity for their mischievous mischief. In practice, it is impossible to keep a network completely secure because it is possible to keep a network safe in the sense of protecting it from all attacks. Network security. By analyzing the data source of the intrusion detection technique, we can analyze the root cause.

There are two main sources of data for intrusion detection techniques: network data packets for the network-based intrusion detection system (Network-Based IDS (NIDS)) and monitoring and recording system events for (intrusion detection system) under the host ( Host-Based IDS (HIDS)).

Due to the increasing speed of data traffic, the detection of network penetration is more than the IDS processing capacity; NIDS is not specifically designed for IDS, and stored variables usually cannot meet IDS requirements and usually require a complex algorithm for data mining. A large amount of data processing and complex signature selection are the main problems of the intrusion detection technique and directly affect the efficiency and timeliness of intrusion detection. Biological mechanisms play the greatest role in network security. For example, IDS is based on artificial immunity. In fact, we use biological intelligence. It has been discovered that social insects such as ants and bees, etc., have low intelligence as far as their tactics are concerned (if they are examined) and their individual performance is not predicted. But collectively, they are able to solve very complex problems and show a very high level of collective intelligence.

For example, an ant can quickly identify the shortest route to a food source from several routes. Research shows that collective intelligence has the following characteristics:

  1. Flexibility: A colony can adapt to changing conditions.
  2. Stability: In case of failure of a member, the clonal set can complete that task.
  3. Self-organization: Activities do not require central control or local inspection, which is also interpreted as independence.

In addition, among these three features, the first two features result from the third feature – through their simple self-organization and one-on-one interaction, complex and intelligent behavior is formed. Further research shows that the key issue in collective intelligence is: on the one hand, each member is constantly collaborating with a colony by leaving useful information (referring to pheromone); On the other hand, the performance of each member is based on the use of information left over from other members – this is a feature of clonal superiority.

The Biological Theory of Collective Intelligence has been used extensively in network application applications, such as Liu Zhenyu of the University of Birmingham, to propose a network routing algorithm based on collective intelligence; Paul of the University of Norway, University of Science and Technology in Norway, had a design proposal for self-management of virtual paths in dynamic networks. This paper also attempts to improve the technique of intrusion detection by optimally using the ant colony algorithm. My theory specifically points to improvements in order to maintain optimal route maintenance efficiency in a large and complex intrusion detection system that includes independent diagnostic units with unique functionality, which significantly reduces diagnostic data processing volume and complexity of signature selection. Is diagnosed.

IDS is based on collective intelligence. The third section offers a true description of the mechanism of cumulative intelligence modeling. The key techniques of this model are presented in the fourth section. The fifth section discusses the ant algorithm and the basis of its work and the study of its phases. The sixth section includes the proposed algorithm and the study of the problem and the presentation of the hypotheses. In the seventh section, the conclusion of the proposed algorithm and the eighth section are the end of the article


Reducing the misdiagnosis rate and improving the timeliness of the main goals of the intrusion detection technique to create practical value. The ant-based intrusion algorithm detection system model was able to better solve problems by analyzing diagnostic functions, adapting traffic separation, and exchanging mutual information and shared information between diagnostic units and maintaining optimal optimization. But in dynamic networks, the instability of the paths would cause the optimization of the path to be lost. This paper seeks to address this weakness of the ant antelope algorithm. Using the proposed solution, it is possible to significantly increase the speed of sending information detected by the detection factors in the network. The reason for this is to maintain the optimization of the path in the error detection phase.

About KSRA

The Kavian Scientific Research Association (KSRA) is a non-profit research organization to provide research / educational services in December 2013. The members of the community had formed a virtual group on the Viber social network. The core of the Kavian Scientific Association was formed with these members as founders. These individuals, led by Professor Siavosh Kaviani, decided to launch a scientific / research association with an emphasis on education.

KSRA research association, as a non-profit research firm, is committed to providing research services in the field of knowledge. The main beneficiaries of this association are public or private knowledge-based companies, students, researchers, researchers, professors, universities, and industrial and semi-industrial centers around the world.

Our main services Based on Education for all Spectrum people in the world. We want to make an integration between researches and educations. We believe education is the main right of Human beings. So our services should be concentrated on inclusive education.

The KSRA team partners with local under-served communities around the world to improve the access to and quality of knowledge based on education, amplify and augment learning programs where they exist, and create new opportunities for e-learning where traditional education systems are lacking or non-existent.

FULL Paper PDF file:

Intrusion Detection System based on the optimal ant colony routing algorithm




  1. SeyedHamidReza Alavifar,
  2. Mahmood SalehEsfehani




Intrusion Detection System based on the optimal ant colony routing algorithm

Publish in

5th Iranian Security Community Conference



+ posts