REHÁK, Martin, Michal PĚCHOUČEK, Martin GRILL, Karel BARTOŠ, Vojtěch KRMÍČEK and Pavel ČELEDA. Collaborative approach to network behaviour analysis based on hardware-accelerated FlowMon probes. International Journal of Electronic Security and Digital Forensics. Geneva: Inderscience Publishers, 2009, vol. 2, no. 1, pp. 35-48. ISSN 1751-911X.
Other formats:
BibTeX
LaTeX
RIS
@article{833722,
  author = {Rehák, Martin and Pěchouček, Michal and Grill, Martin and Bartoš, Karel and Krmíček, Vojtěch and Čeleda, Pavel},
  article_location = {Ženeva},
  article_number = {1},
  keywords = {hardware acceleration; knowledge fusion; multi-agent intrusion detection; network behaviour analysis; network intrusion detection; network security},
  language = {eng},
  issn = {1751-911X},
  journal = {International Journal of Electronic Security and Digital Forensics},
  title = {Collaborative approach to network behaviour analysis based on hardware-accelerated FlowMon probes},
  volume = {2},
  year = {2009}
}
TY  - JOUR
ID  - 833722
AU  - Rehák, Martin
AU  - Pěchouček, Michal
AU  - Grill, Martin
AU  - Bartoš, Karel
AU  - Krmíček, Vojtěch
AU  - Čeleda, Pavel
PY  - 2009
TI  - Collaborative approach to network behaviour analysis based on hardware-accelerated FlowMon probes
JF  - International Journal of Electronic Security and Digital Forensics
VL  - 2
IS  - 1
SP  - 35-48
EP  - 35-48
PB  - Inderscience Publishers
SN  - 1751911X
KW  - hardware acceleration
KW  - knowledge fusion
KW  - multi-agent intrusion detection
KW  - network behaviour analysis
KW  - network intrusion detection
KW  - network security
N2  - Network behaviour analysis techniques are designed to detect intrusions and other undesirable behaviour in computer networks by analysing the traffic statistics. We present an efficient framework for integration of anomaly detection algorithms working on the identical input data. This framework is based on high-speed network traffic acquisition subsystem and on trust modelling, a well-established set of techniques from the multi-agent system field. Trust-based integration of algorithms results in classification with lower error rate, especially in terms of false positives. The presented system is suitable for both online and offline processing, and introduces a relatively low computational overhead compared to deployment of isolated anomaly detection algorithms.
ER  -
REHÁK, Martin, Michal PĚCHOUČEK, Martin GRILL, Karel BARTOŠ, Vojtěch KRMÍČEK a Pavel ČELEDA. Collaborative approach to network behaviour analysis based on hardware-accelerated FlowMon probes. \textit{International Journal of Electronic Security and Digital Forensics}. Ženeva: Inderscience Publishers, 2009, roč.~2, č.~1, s.~35-48. ISSN~1751-911X.