CAMNEP: Agentní systém pro detekci intruzí v počítačových sítích

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F08%3A03145235" target="_blank" >RIV/68407700:21230/08:03145235 - isvavai.cz</a>

Výsledek na webu

—

DOI - Digital Object Identifier

—

Jazyk výsledku

angličtina

Název v původním jazyce

CAMNEP: Agent Based Network Intrusion Detection System (Short Paper)

Popis výsledku v původním jazyce

We present a prototype of agent-based intrusion detection system designed for deployment on high-speed backbone networks. The main contribution of the system is the integration of several anomaly detection techniques by means of collective trust modelingwithin a group of collaborative detection agents, each featuring a specific detection algorithm. The anomalies are used as an input for the trust modeling. In this stage, each agent determines the flow trustfulness from aggregated anomalies. The aggregation is performed by extended trust models that model the trustfulness of generalized situated identities, represented by a set of observable features. The system is based on traffic statistics in NetFlow format acquired by dedicated hardware-acceleratednetwork cards, and is able to perform a real-time surveillance of the gigabit networks.

Název v anglickém jazyce

CAMNEP: Agent Based Network Intrusion Detection System (Short Paper)

Popis výsledku anglicky

We present a prototype of agent-based intrusion detection system designed for deployment on high-speed backbone networks. The main contribution of the system is the integration of several anomaly detection techniques by means of collective trust modelingwithin a group of collaborative detection agents, each featuring a specific detection algorithm. The anomalies are used as an input for the trust modeling. In this stage, each agent determines the flow trustfulness from aggregated anomalies. The aggregation is performed by extended trust models that model the trustfulness of generalized situated identities, represented by a set of observable features. The system is based on traffic statistics in NetFlow format acquired by dedicated hardware-acceleratednetwork cards, and is able to perform a real-time surveillance of the gigabit networks.

Druh

D - Stať ve sborníku

CEP obor

JC - Počítačový hardware a software

OECD FORD obor

—

Projekt

—

Návaznosti

Z - Vyzkumny zamer (s odkazem do CEZ)

Rok uplatnění

2008

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

AAMAS 2008 Conference Proceedings - Full and Short Papers of the Industry and Application Track

ISBN

978-0-9817381-3-0

ISSN

—

e-ISSN

—

Počet stran výsledku

4

Strana od-do

—

Název nakladatele

ACM

Místo vydání

New York

Místo konání akce

Estoril

Datum konání akce

12. 5. 2008

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—