Stand H6


Student: M Motlhodi


About the student

I am Moagaesi Motlhodi. I like building AI models to solve cybersecurity problems.



About the Project

The Multi-Agent Intrusion Detection and Prevention System (MA-IDPS) is a comprehensive cybersecurity framework designed to address the limitations of traditional intrusion detection systems, such as high false positive rates and a lack of automated response capabilities. The system is built on a modular, multi-agent architecture in which specialized, concurrent agents collaborate to provide end-to-end network security.

The operational workflow begins with the Traffic Monitoring Agent (TMA), which performs live packet capture and uses advanced feature engineering to convert raw network traffic into a 78-dimensional feature vector. This vector is passed to the Intrusion Detection Agent (IDA), the analytical core of the system. The IDA houses a hybrid deep learning model, built entirely from scratch using NumPy, that combines a Convolutional Neural Network (CNN) for spatial pattern recognition with a Long Short-Term Memory (LSTM) network for temporal sequence analysis. Once a threat has been classified, the Explainability and Proactive Defense Agent (EPDA) takes over. It generates human-readable alerts for administrators and, crucially, performs the proactive defense function by automatically adding the attacker's source IP address to a blacklist. The main server then uses this blacklist to actively reject any subsequent connection attempts from the malicious actor.

Evaluated on the CIC-IDS-2017 dataset, the model achieved 99% accuracy with a low false positive rate of 2.1%. A live attack simulation further validated the system's ability to detect and block an active Denial of Service attack in real time. The MA-IDPS proves to be a robust, explainable, and effective solution that not only detects intrusions with high precision but also automates the prevention process, significantly reducing the burden on security personnel.
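The blacklist handoff between the EPDA and the main server can be sketched as follows. This is an added example, not the project's own code: the names `Blocklist` and `accept_connection` are hypothetical, and the expiry time and allowlist are assumptions not described on the page, included so that a misclassified address (the reported false positive rate is 2.1%) is not blocked indefinitely.

```python
import ipaddress
import threading
import time


class Blocklist:
    """Shared source-IP blocklist: the alerting agent writes, the server reads.
    Expiry (ttl) and the allowlist are assumptions added for this example."""

    def __init__(self, ttl=600.0, allow=("127.0.0.0/8",), clock=time.monotonic):
        self._ttl = ttl
        self._allow = [ipaddress.ip_network(n) for n in allow]
        self._clock = clock
        self._lock = threading.Lock()   # agents run concurrently
        self._expiry = {}               # ip -> time the block lapses

    def block(self, src_ip, label):
        """Called after a positive classification; returns the alert text."""
        ip = ipaddress.ip_address(src_ip)      # ValueError on malformed input
        if any(ip in net for net in self._allow):
            return f"ALERT {label} from {ip}: allowlisted, not blocked"
        with self._lock:
            self._expiry[ip] = self._clock() + self._ttl
        return f"ALERT {label} from {ip}: blocked for {self._ttl:.0f}s"

    def is_blocked(self, src_ip):
        """Called by the server for every new connection attempt."""
        ip = ipaddress.ip_address(src_ip)
        with self._lock:
            deadline = self._expiry.get(ip)
            if deadline is None:
                return False
            if self._clock() >= deadline:      # block lapsed, drop the entry
                del self._expiry[ip]
                return False
            return True


def accept_connection(blocklist, src_ip):
    """Server-side gate: reject blocked peers before any request handling."""
    return "REJECT" if blocklist.is_blocked(src_ip) else "ACCEPT"


if __name__ == "__main__":
    bl = Blocklist(ttl=60.0)
    print(bl.block("192.0.2.7", "DoS"))        # constructed sample address
    print(accept_connection(bl, "192.0.2.7"))  # REJECT
    print(accept_connection(bl, "192.0.2.8"))  # ACCEPT
```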