Using AI Agents in Intrusion Detection: Historical perspective

Intrusion/anomaly detection is an important part of cyber security. This is the process of identifying computer or network activity that is malicious or unauthorized. Most of the intrusion detection systems (IDSs) have a similar structure and component set. Each IDS consists of some sensors or agents that monitor one or more data sources, apply some type of detection algorithm, and then send alerts or take responses when an attack or anomaly is detected. 

 

Over the years, IDSs use autonomous agents, intelligent agents, mobile agents, or some combination of these agents. Mobile agent technology uses the principles of different fields, such as artificial intelligence, neural networks, fuzzy logic, genetic algorithms, etc. to make them intelligent. This talk will cover a wide variety of agent technologies applied to intrusion detections and provide analysis, testing and performance of IDS agents (with use cases) from historical perspectives. 

I will highlight the differences between AI Agents and Agentic AI; discuss the benefits and risks of such emerging technologies in cybersecurity solutions such as intrusion detection.

References:

• D. Dasgupta. Use of Agent Technology for Intrusion Detection. A Chapter in the book--Handbook of Information Security, Volume 3, Threats, Vulnerabilities, Prevention, Detection and Management (Part-3), (Editor: Hossein Bidgoli) ISBN: 0-471-64832-9, John Wiley & Sons, pp 730-743, Jan 2006.

• Dipankar Dasgupta et al, CIDS: Agent Architecture for Intrusion Detection and Response. In the journal on Computers & Security, Volume 24, Issue 5, Pages 387-398, August 2005. 

• D. Dasgupta, F. Gonzalez, K. Yallapu, J. Gomez. An administrative tool for monitoring a distributed agent society. Published in the proceedings of the Open Cougaar Conference, New York, NY, July 20, 2004.

• Dipankar Dasgupta and Hal Brian. Mobile Security Agents for Network Traffic Analysis. In the proceedings of DARPA Information Survivability Conference and Exposition II (DISCEX-II), Vol.2, pp. 332-340, Anaheim, California, IEEE Computer Society Press, June 12-14, 2001.

• AI Agents vs. Agentic AI: A Conceptual Taxonomy, Applications and Challenges. Ranjan Sapkota, Konstantinos I. Roumeliotis, Manoj Karkee, May 2025. https://arxiv.org/abs/2505.10468.