Adaptive Multiagent System for Network Traffic Monitoring

REHÁK, Martin, Michal PĚCHOUČEK, Martin GRILL, Jan STIBOREK, Karel BARTOŠ and Pavel ČELEDA. Adaptive Multiagent System for Network Traffic Monitoring. IEEE Intelligent Systems. Los Alamitos, CA, USA: IEEE Computer Society, 2009, vol. 24, No 3, p. 16-25. ISSN 1541-1672.

Basic information

• Original name: Adaptive Multiagent System for Network Traffic Monitoring
• Name in Czech: Adaptivní multiagentní systém pro sledování síťového provozu
• Authors: REHÁK, Martin (203 Czech Republic), Michal PĚCHOUČEK (203 Czech Republic), Martin GRILL (203 Czech Republic), Jan STIBOREK (203 Czech Republic), Karel BARTOŠ (203 Czech Republic) and Pavel ČELEDA (203 Czech Republic, guarantor, belonging to the institution).
• Edition: IEEE Intelligent Systems, Los Alamitos, CA, USA, IEEE Computer Society, 2009, 1541-1672.

Other information

• Original language: English
• Type of outcome: Article in a journal
• Field of Study: 10201 Computer sciences, information science, bioinformatics
• Country of publisher: United States of America
• Confidentiality degree: is not subject to a state or trade secret
• WWW: URL
• Impact factor: Impact factor: 3.144
• RIV identification code: RIV/00216224:14610/09:00042538
• Organization unit: Institute of Computer Science
• UT WoS: 000266330000006
• Keywords in English: network intrusion detection; data mining; multiagent systems; trust
• Tags: data mining, multiagent systems, network intrusion detection, rivok, trust
• Tags: International impact, Reviewed

Abstract

An application of agent-based data mining for near-real time detection of attacks against the computer networks and connected hosts is based on processing network traffic statistics provided by high-speed network monitoring cards and using a set of known anomaly-detection techniques to identify the anomalous behavior. The individual anomaly-detection methods have relatively high error rates that make them unfit for most practical deployments. Using the agent-based trust modeling technique, the Camnep system fuses the data provided by anomaly-detection methods and progressively builds a better classification with an acceptable error rate. The system uses agent-based self-adaptation techniques to dynamically align its structure with the changes in network traffic structure and attacks.

Abstract (in Czech)

Adaptivní multiagentní systém pro sledování síťového provozu. Systém je založen na agentech využívájící samoadoptujících technik pro dynamické přizpůsobení struktury na základě změn síťového provozu a útoků.

Links

• W911NF-08-1-0250, interní kód MU: Name: CAMNEP2 - Reflective-Cognitive Adaptation for Network Intrusion Detection Systems (Acronym: CAMNEP II)

Investor: U.S. Army RDECOM Acquisition Center, Reflective-Cognitive Adaptation for Network Intrusion Detection Systems