Efficient intrusion-detection using programmable agents based on attack graph patterns. (English) Zbl 1157.68447

Summary: Intrusion Detection Systems (IDS) are essential for security in a computer network infrastructure. The dynamic nature of such networks calls for a detection system that has the ability to handle intrusions with precision. Agent-based IDS provide the flexibility in handling such dynamic environments. But the existing techniques fail to satisfactorily address issues such as false positives and irrelevant alerts. Any prior hint of the possible attacks in a given network would serve as a great resource to maximize the accuracy of the alerts raised by the IDS. Recent work in network security focuses on the fact that combinations of exploits are the typical means by which an intrusion takes place. Attack graphs or attack trees provide a succinct way of representing the vulnerabilities and their corresponding attacks in a typical network. In an attack graph (or tree) different vulnerabilities in the system are represented as vertices, and a directed edge from one vertex to another denotes the possible transition taken by an intruder because of an exploit existing in the system. In this paper, we aim at providing an agent-based intrusion-detection architecture which uses the patterns provided by the attack graphs to generate alerts with reduced false positives.

MSC:

68T10 Pattern recognition, speech recognition
68M10 Network design and communication in computer systems
68M15 Reliability, testing and fault tolerance of networks and computer systems