Project details

 

Reflective-Cognitive Adaptation for Network Intrusion Detection Systems (CAMNEP II)

Project Identification:W911NF-08-1-0250
Project Period:6/2008 - 12/2009
Investor:link to a new windowU.S. Army RDECOM Acquisition Center
Programme / Project Type:U.S. Army RDECOM Acq Ctr Projects -
MU Faculty/Unit:
Institute of Computer Science
MU Investigator:Ing. Jiří Novotný
Project Team Member:Ing. Pavel Čeleda, Ph.D.
RNDr. Vojtěch Krmíček, Ph.D.
Cooperating Organization:
link to a new windowCzech Technical University Prague
Responsible Person:Assoc. Prof. Ing. Michal Pěchouček, M.Sc.
link to a new windowFaculty of Electrical Engineering CTU
Publications/Results:more
Project Website:http://www.muni.cz/ics/camnep
Keywords:intrusion detection, network behavior analysis, multi-agent system, trust, anomaly detection, programable hardware
Annotation

The goal of the CAMNEP II project is to combine the high-bandwidth network traffic acquisition devices with distributed and adaptive multi-agent system to deliver a concept of efficient, effective and self-managing Network Intrusion Detection System (NIDS). This system would be deployed on backbone links of one or more network operators in order to detect malicious traffic, minimizing the rate of false positives/negatives that renders current systems less effective. Attack detection process will rely on cooperation between a community of trusting agents, each specialized in one aspect of traffic characteristics. We aim to further reduce the system operational costs by providing basic self-adaptation capabilities, using the coordination methods from multi-agent field and adaptive software/hardware in traffic acquisition layer. The system operation and adaptation will be supervised and regulated via advanced user interface, that would proactively seek additional information for each incident and will also allow policy specification.