CAMNEP: Multistage Collective Network Behavior Analysis System with Hardware Accelerated NetFlow Probes

The result's identifiers

  • Result code in IS VaVaI

    RIV/00216224:14610/09:00042453 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F09%3A00042453)

  • Result on the web

  • DOI - Digital Object Identifier

Alternative languages

  • Result language

    English

  • Original language name

    CAMNEP: Multistage Collective Network Behavior Analysis System with Hardware Accelerated NetFlow Probes

  • Original language description

    Current network behavior analysis methods based on anomaly detection approaches suffer from comparatively higher error rate and low performance. We propose a framework system which addresses these issues by (i) using hardware-accelerated probes to collect unsampled NetFlow/IPFIX data from gigabit-speed network links and (ii) combining several anomaly detection algorithms by means of collective trust modeling, a multi-agent data fusion method. The data acquired on the network is preprocessed in the collector database and then passed to several anomaly detection methods to obtain several independent anomaly opinions for each flow. Each of these methods uses a distinct set of aggregate traffic features to determine the anomaly of each flow, which is determined by comparing the observed flows with a method-specific traffic prediction and/or a set of rules. The anomaly data is passed to several trust models to aggregate the current anomalies with past experience.

  • Czech name

  • Czech description

Classification

  • Type

    A - Audiovisual production

  • CEP classification

    IN - Informatics

  • OECD FORD branch

Result continuities

  • Project

  • Continuities

    V - Research activity supported from other public sources

Others

  • Publication year

    2009

  • Confidentiality

    S - Complete and true data on the project are not subject to protection under special legal regulations

Data specific for result type

  • ISBN

  • Place of publication

  • Publisher/client name

  • Version

  • Carrier ID