Abstract
With a rise in threats and attacks related to security, many companies have widely deployed Intrusion Detection Systems (IDSs) to protect their assets. Thus IDS are becoming the first targets before the attackers launch further attacks on valuable host-based components. In order to guard against this threat, we propose a secure mobile agent architecture to make the IDS architecture attack resistant. In this architecture, we use proxy agent groups to depart the critical IDS components and the leaf IDS components so that the attackers be frustrated by not knowing the critical IDS components. We also have designed a buddy agent group that will protect the proxy agents and disseminate the central directory services. We ensure that the IDS will evade from attacks and still be able to function since there is no single point of failure in the system from the attacks. The IDS agents can also be recovered soon using our immediate backup mechanisms. Through the attack analysis, we prove that our proposed IDSs architecture is capable to evade from tampering and disabling by attackers.