Publication details

 

CAMNEP: Agent-Based Network Intrusion Detection System

Basic information
Original title: CAMNEP: Agent-Based Network Intrusion Detection System
Authors: Martin Rehák, Michal Pěchouček, Pavel Čeleda, Jiří Novotný, Pavel Minařík
Further information
Citation: REHÁK, Martin, Michal PĚCHOUČEK, Pavel ČELEDA, Jiří NOVOTNÝ and Pavel MINAŘÍK. CAMNEP: Agent-Based Network Intrusion Detection System. In Proceedings of the 7th International Conference on Autonomous Agents and Multiagent Systems (AAMAS 2008) - Industrial and Applications Track. 1st ed. Estoril: Inesc-Id, 2008. pp. 133-136, 4 pp. ISBN 978-0-9817381-3-0.
@inproceedings{767621,
author = {Rehák, Martin and Pěchouček, Michal and Čeleda, Pavel and Novotný, Jiří and Minařík, Pavel},
address = {Estoril},
booktitle = {Proceedings of the 7th International Conference on Autonomous Agents and Multiagent Systems (AAMAS 2008) - Industrial and Applications Track},
edition = {1},
keywords = {trust; intrusion detection; network behavior analysis},
language = {eng},
location = {Estoril},
isbn = {978-0-9817381-3-0},
pages = {133-136},
publisher = {Inesc-Id},
title = {CAMNEP: Agent-Based Network Intrusion Detection System},
url = {http://www.ifmas.org/Proceedings/aamas08/proceedings/pdf/industrial_application_track/AAMAS08_IndTrack_34.pdf},
year = {2008}
}
Original language: English
Field: Informatics
WWW: http://www.ifmas.org/Proceedings/aamas08/proceedings/pdf/industrial_application_track/AAMAS08_IndTrack_34.pdf
Type: Article in Proceedings
Keywords: trust; intrusion detection; network behavior analysis

We present a prototype of an agent-based intrusion detection system designed for deployment on high-speed backbone networks. The main contribution of the system is the integration of several anomaly detection techniques by means of collective trust modeling within a group of collaborative detection agents, each featuring a specific detection algorithm. The system is based on traffic statistics in NetFlow format acquired by dedicated hardware-accelerated network cards, and is able to perform real-time surveillance of gigabit networks.
