Flow Based Network Intrusion Detection System using Hardware-Accelerated NetFlow Probes

The result's identifiers

  • Result code in IS VaVaI

    RIV/68407700:21230/08:03151465 - isvavai.cz (https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F08%3A03151465)

  • Alternative codes found

    RIV/63839172:_____/08:00000961 RIV/00216224:14610/08:00042091

  • Result on the web

  • DOI - Digital Object Identifier

Alternative languages

  • Result language

    English

  • Original language name

    Flow Based Network Intrusion Detection System using Hardware-Accelerated NetFlow Probes

  • Original language description

    Current network intrusion detection methods based on anomaly detection approaches suffer from a comparatively higher error rate and low performance. The proposed flow-based network intrusion detection system addresses these issues by (i) using hardware-accelerated probes to collect unsampled NetFlow data from gigabit-speed network links and (ii) combining several anomaly detection algorithms by means of collective trust modeling, a multi-agent data fusion method. The data acquired on the network is preprocessed and passed to anomaly detection models to gather independent anomaly opinions for each flow. The anomaly data is passed to several trust models to aggregate the anomalies with past experience, and the flows are re-evaluated to obtain their trustfulness, which is further aggregated to detect malicious traffic. Experiments performed on-line on a real campus network illustrate the system's suitability for real-time network surveillance.

  • Czech name

    Systém detekce intruzí založený na hardwarově akcelerované analýze síťových toků (Intrusion detection system based on hardware-accelerated analysis of network flows)

  • Czech description

    Current intrusion detection techniques based on anomaly detection approaches suffer from a relatively higher error rate and low performance. The proposed flow-based system addresses these problems by (i) using a hardware-accelerated probe for unsampled collection of NetFlow data from a gigabit network and (ii) combining several anomaly detection algorithms by means of collective trust modeling, a multi-agent data fusion method.

Classification

  • Type

    D - Article in proceedings

  • CEP classification

    JC - Computer hardware and software

  • OECD FORD branch

Result continuities

  • Project

    1M0567: Centre for Applied Cybernetics (/en/project/1M0567)

  • Continuities

    P - Research and development project financed from public funds (with a link to CEP)
    Z - Research plan (with a link to CEZ)

Others

  • Publication year

    2008

  • Confidentiality

    S - Complete and truthful data on the project are not subject to protection under special legal regulations

Data specific for result type

  • Article name in the collection

    CESNET Conference 2008: Security, Middleware, and Virtualization - Glue of Future Networks

  • ISBN

    978-80-904173-0-4

  • ISSN

  • e-ISSN

  • Number of pages

    8

  • Pages from-to

  • Publisher name

    CESNET

  • Place of publication

    Praha

  • Event location

    Prague

  • Event date

    Sep 25, 2008

  • Type of event by nationality

    EUR - European event

  • UT code for WoS article