Další formáty:
BibTeX
LaTeX
RIS
@inproceedings{746142, author = {Rehák, Martin and Pěchouček, Michal and Čeleda, Pavel and Krmíček, Vojtěch and Minařík, Pavel and Medvigy, David}, address = {Berlin}, booktitle = {Multi-Agent Systems and Applications V}, keywords = {multi-agent systems; attack detection; high-speed networks}, language = {eng}, location = {Berlin}, isbn = {978-3-540-75253-0}, pages = {73-82}, publisher = {Springer Berlin / Heidelberg}, title = {Collaborative Attack Detection in High-Speed Networks}, url = {http://www.springerlink.com/content/e27202167v78u275/?p=851574cb079b4ac889eb4de3becfd054&pi=1}, year = {2007} }
TY - JOUR ID - 746142 AU - Rehák, Martin - Pěchouček, Michal - Čeleda, Pavel - Krmíček, Vojtěch - Minařík, Pavel - Medvigy, David PY - 2007 TI - Collaborative Attack Detection in High-Speed Networks PB - Springer Berlin / Heidelberg CY - Berlin SN - 9783540752530 KW - multi-agent systems KW - attack detection KW - high-speed networks UR - http://www.springerlink.com/content/e27202167v78u275/?p=851574cb079b4ac889eb4de3becfd054&pi=1 N2 - We present a multi-agent system designed to detect malicious traffic in high-speed networks. In order to match the performance requirements related to the traffic volume, the network traffic data is acquired by hardware accelerated probes in NetFlow format and preprocessed before processing by the detection agent. The proposed detection algorithm is based on extension of trust modeling techniques with representation of uncertain identities, context representation and implicit assumption that significant traffic anomalies are a result of potentially malicious action. In order to model the traffic, each of the cooperating agents uses an existing anomaly detection method, that are then correlated using a reputation mechanism. The output of the detection layer is presented to operator by a dedicated analyst interface agent, which retrieves additional information to facilitate incident analysis. Our performance results illustrate the potential of the combination of high-speed hardware with cooperative detection algorithms and advanced analyst interface. ER -
REHÁK, Martin, Michal PĚCHOUČEK, Pavel ČELEDA, Vojtěch KRMÍČEK, Pavel MINAŘÍK a David MEDVIGY. Collaborative Attack Detection in High-Speed Networks. In \textit{Multi-Agent Systems and Applications V}. Berlin: Springer Berlin / Heidelberg, 2007, s.~73-82. ISBN~978-3-540-75253-0.
|