All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”
EN
ČeštinaEnglish

Trust Based Classifier Combination for Network Anomaly Detection

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F08%3A03152821" target="_blank" >RIV/68407700:21230/08:03152821 - isvavai.cz</a>

  • Result on the web

  • DOI - Digital Object Identifier

Alternative languages

  • Result language

    angličtina

  • Original language name

    Trust Based Classifier Combination for Network Anomaly Detection

  • Original language description

    We present a method that improves the results of network intrusion detection by integrating several anomaly detection algorithms through trust and reputation models. Our algorithm is based on existing network behavior analysis approaches that are embodied into several detection agents. We divide the processing into three distinct phases: anomaly detection, trust model update and collective trusting decision. Each of these phases contributes to the reduction of classification error rate, by the aggregation of anomaly values provided by individual algorithms, individual update of each agent's trust model based on distinct traffic representation features (derived from its anomaly detection model), and re-aggregation of the trustfulness data provided by individual agents. The result is a trustfulness score for each network flow, which can be used to guide the manual inspection, thus significantly reducing the amount of traffic to analyze.

  • Czech name

    Kombinovani metod detekce anomalii pomoci modelovani duveryhodnosti

  • Czech description

    Představujeme metodu která zpřesňuje výsledky detekce útoků v sítích pomocí analýzy profilu chování pomocí modelů důvěryhodnosti a reputace. Náš algoritmus je založen na existujících algoritmech detekce anomálií, vtělených do inteligentních agentů. Datajsou zpracovávána ve třech fázích: detekce anomálií, update modelu důvěryhodnosti a nalezení důvěryhodnosti jednotlivých toků. Každá z těchto etap snižuje chybovost původních metod detekce anomálií, pomocí agregace hodnot anomálií, individuálního updatemiodelu důvěryhodnosti a re-agreagcidat poskytnutých více agenty. Systém ve výsledku ohodnotí každý tok důvěryhodností, a sníží tak náročnost analýzy dat o provozu.

Classification

  • Type

    D - Article in proceedings

  • CEP classification

    JC - Computer hardware and software

  • OECD FORD branch

Result continuities

  • Project

  • Continuities

    Z - Vyzkumny zamer (s odkazem do CEZ)

Others

  • Publication year

    2008

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Cooperative Information Agents XII

  • ISBN

    978-3-540-85833-1

  • ISSN

    0302-9743

  • e-ISSN

  • Number of pages

    15

  • Pages from-to

  • Publisher name

    Springer

  • Place of publication

    Heidelberg

  • Event location

    Prague

  • Event date

    Sep 10, 2008

  • Type of event by nationality

    EUR - Evropská akce

  • UT code for WoS article

    000259441000011

Similar results(10)

Multi-Agent Approach to Network Intrusion Detection (Demo Paper)Multi-Agent Approach to Network Intrusion DetectionMulti Agent Approach to Network Intrusion Detection (Demo Paper)