You are here:
Publication details
Multi-Agent Approach to Network Intrusion Detection (Demo Paper)
Authors | |
---|---|
Year of publication | 2008 |
Type | Article in Proceedings |
Conference | Proceedings of the 7th International Conference on Autonomous Agents and Multiagent Systems (AAMAS 2008) - Industrial and Applications Track |
MU Faculty or unit | |
Citation | |
Web | http://www.ifmas.org/Proceedings/aamas08/proceedings/pdf/demo/AAMAS08_demo18.pdf |
Field | Informatics |
Keywords | trust; intrusion detection; network behavior analysis |
Description | Our demo presents an agent-based intrusion detection system designed for deployment on high-speed backbone networks. The major contribution of the system is the integration of several anomaly detection techniques by means of collective trust modeling within a group of collaborative detection agents, each featuring a specific detection algorithm. The principal role of anomalies is to provide the input into the trust modeling stage of the detection, where each agent determines the flow trustfulness from aggregated anomalies. The aggregation is performed by extended trust models that model the trustfulness of generalized situated identities, represented by a set of observable features. The system is based on traffic statistics in NetFlow format acquired by dedicated hardware-accelerated network cards, and is able to perform a real-time surveillance of the gigabit networks. |
Related projects: |