Mining information assurance data with a hybrid intelligence/multi-agent system

In today´s world an unprecedented and overwhelming volume of information is available to organizations of all sizes; the resultant “information overload” problem is well documented. This problem is especially challenging in the world of network intrusion detection. In this research we demonstrate that in the domain of offline network data mining, several different data mining algorithms (hybrid intelligence) operating concurrently on the same data in a multi-agent system, and reporting their results for interpretation and interpolation, will yield more accurate characterizations and extract more knowledge than a single data mining algorithm acting on its own. We also briefly outline the design and functions of our SPADE-based multi-agent system, demonstrating its effectiveness at automating multi-path data mining tasks. This code ingests a PCAP, semi-autonomously pre-processes it and feeds it into Weka for processing/mining using several different algorithms. It then presents results to a human operator providing a feedback insertion point.