Publication details

Multi-Agent Approach to Network Intrusion Detection (Demo Paper)

Authors

REHÁK Martin PĚCHOUČEK Michal ČELEDA Pavel KRMÍČEK Vojtěch BARTOŠ Karel GRILL Martin

Year of publication 2008
Type Article in Proceedings
Conference Proceedings of the 7th International Conference on Autonomous Agents and Multiagent Systems (AAMAS 2008) - Industrial and Applications Track
MU Faculty or unit

Faculty of Informatics

Citation
Web http://www.ifmas.org/Proceedings/aamas08/proceedings/pdf/demo/AAMAS08_demo18.pdf
Field Informatics
Keywords trust; intrusion detection; network behavior analysis
Description Our demo presents an agent-based intrusion detection system designed for deployment on high-speed backbone networks. The major contribution of the system is the integration of several anomaly detection techniques by means of collective trust modeling within a group of collaborative detection agents, each featuring a specific detection algorithm. The principal role of anomalies is to provide the input into the trust modeling stage of the detection, where each agent determines the flow trustfulness from aggregated anomalies. The aggregation is performed by extended trust models that model the trustfulness of generalized situated identities, represented by a set of observable features. The system is based on traffic statistics in NetFlow format acquired by dedicated hardware-accelerated network cards, and is able to perform a real-time surveillance of the gigabit networks.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.

More info